Disable 2FA
Turn off two-factor authentication for a specific method when no longer needed
Disable a specific two-factor authentication method when it is no longer needed or when switching to another method.
Security Warning
Disabling 2FA reduces account security. Ensure you have alternative security measures in place or are switching to another 2FA method.
Overview
The disable2FA mutation removes a specific two-factor authentication method from the user's account. This allows users to manage their 2FA settings by disabling methods they no longer wish to use.
GraphQL Schema
type Mutation {
  disable2FA(method: String!): String!
}
Parameters
method (String, required)
2FA method to disable: app, email, or phone
Return Values
Success: The specified 2FA method has been successfully disabled. Sign-in will no longer require this method.
Failed: Failed to disable 2FA method. The method may not be currently active or an internal error occurred.
Example Usage
Disable Authenticator App
mutation Disable2FA_App {
  disable2FA(method: "app")
}
Response:
{
  "data": {
    "disable2FA": "Success"
  }
}
2FA Disabled
Authenticator app 2FA has been disabled. Sign-in will no longer require codes from your authenticator app.
Disable Email 2FA
mutation Disable2FA_Email {
  disable2FA(method: "email")
}
Response:
{
  "data": {
    "disable2FA": "Success"
  }
}
Disable SMS 2FA
mutation Disable2FA_Phone {
  disable2FA(method: "phone")
}
Response:
{
  "data": {
    "disable2FA": "Success"
  }
}
Implementation Example
Frontend Integration
// Assumes an Apollo-style client (graphqlClient, gql) and application-defined
// UI helpers (showConfirmDialog, showSuccess, showWarning, showError,
// refreshSecuritySettings, hasOther2FAMethods).
async function handleDisable2FA(method) {
  // Show confirmation dialog first
  const confirmed = await showConfirmDialog({
    title: "Disable 2FA?",
    message: `Are you sure you want to disable ${method} two-factor authentication? This will reduce your account security.`,
    confirmText: "Disable",
    cancelText: "Cancel",
    type: "warning"
  });
  if (!confirmed) return;
  try {
    const result = await graphqlClient.mutate({
      mutation: gql`
        mutation Disable2FA($method: String!) {
          disable2FA(method: $method)
        }
      `,
      variables: {
        method: method
      }
    });
    // The mutation returns the string "Success" or "Failed"
    const response = result.data.disable2FA;
    if (response === "Success") {
      showSuccess(`${method.toUpperCase()} 2FA has been disabled.`);
      // Update local state (a UI cache only; the server holds the real setting)
      localStorage.removeItem(`2fa_${method}_enabled`);
      // Refresh security settings
      refreshSecuritySettings();
      // Optionally suggest alternative security
      if (!hasOther2FAMethods()) {
        showWarning("Consider enabling another 2FA method to keep your account secure.");
      }
    } else {
      showError("Failed to disable 2FA. Please try again.");
    }
  } catch (error) {
    console.error("Disable 2FA failed:", error);
    showError("An error occurred. Please try again later.");
  }
}
Use Cases
Switching Methods
Disabling one 2FA method before enabling a different, more convenient one
Lost Device
Disabling authenticator app 2FA after losing the device with the app installed
Troubleshooting
Temporarily disabling 2FA to resolve access issues, then re-enabling
Number Change
Disabling SMS 2FA when changing phone numbers, before setting up the new number
Best Practices
⚠️ Confirmation Required
Always show a confirmation dialog before disabling 2FA, explaining the security implications
🔐 Backup Methods
If disabling the only 2FA method, strongly encourage users to enable an alternative for security
📧 Email Notification
Send an email notification when 2FA is disabled to alert the user of the security change
🔄 Re-authentication
Consider requiring password re-entry or a current 2FA code before allowing a method to be disabled
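The frontend confirmation dialog is only a UX safeguard, so the re-authentication and notification practices above have to be enforced where the mutation is resolved. The following is an added sketch, not the service's own code, of such a server-side guard; the user and session object shapes, REAUTH_WINDOW_MS, and the notify callback are assumptions, and the sample data is constructed.

```javascript
// Added example: server-side guard for the disable2FA mutation.
// Hypothetical names: user/session shapes, REAUTH_WINDOW_MS, notify().
const ALLOWED_METHODS = new Set(["app", "email", "phone"]); // values from the parameter docs
const REAUTH_WINDOW_MS = 5 * 60 * 1000; // assumed policy: re-auth within 5 minutes

function disable2FAGuarded({ user, session, notify, now = Date.now() }, method) {
  // 1. Reject anything outside the documented method values.
  if (!ALLOWED_METHODS.has(method)) return "Failed";

  // 2. Require a fresh password or 2FA check, so a hijacked session
  //    alone is not enough to strip the second factor.
  const age = now - (session.lastReauthAt ?? 0);
  if (age < 0 || age > REAUTH_WINDOW_MS) return "Failed";

  // 3. The method must currently be active on the account.
  if (!user.twoFactorMethods.has(method)) return "Failed";

  user.twoFactorMethods.delete(method);

  // 4. Alert the account owner and record which factors remain.
  notify({
    to: user.email,
    event: "2fa_disabled",
    method,
    remainingMethods: [...user.twoFactorMethods],
    at: new Date(now).toISOString(),
  });
  return "Success";
}

// Constructed sample data for a stand-alone run.
function demo() {
  const sent = [];
  const now = 1700000000000;
  const user = { email: "user@example.test", twoFactorMethods: new Set(["app", "email"]) };
  const ctx = (lastReauthAt) => ({ user, session: { lastReauthAt }, notify: (m) => sent.push(m), now });
  return {
    stale: disable2FAGuarded(ctx(now - 10 * 60 * 1000), "app"), // re-auth too old
    badMethod: disable2FAGuarded(ctx(now), "sms"),               // not a documented value
    fresh: disable2FAGuarded(ctx(now - 60 * 1000), "app"),       // allowed
    repeat: disable2FAGuarded(ctx(now), "app"),                  // already disabled
    sent,
    remaining: [...user.twoFactorMethods],
  };
}
```

An empty remainingMethods list in the notification marks the case where the account has lost its last second factor, which is worth a higher-severity audit event.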
Security Recommendations
Enable Alternative 2FA: Set up a different 2FA method to maintain two-factor protection
Strong Password: Ensure the password is strong and unique if 2FA is fully disabled
Monitor Activity: Regularly check account activity for any unauthorized access