Topic: Enabling 2FA is a Mess!
==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
After enabling 2FA for the admin user (by logging in as admin, then selecting Preferences > 2FA), the accounts table in /opt/spider/db/settings.db shows:

    username      otp_enabled   otp_secret
    ------------  ------------  ----------------------
    admin         1             vqYS1t3qnO9Uxir0
    auditor       0
While remaining logged-in as admin I attempted to enable 2FA for the auditor user by selecting Accounts > auditor > 2FA.
At the top-left of the settings screen "Builtin Auditor(auditor)" is displayed and 2FA is shown as disabled, so I assumed I was updating the auditor user. After enabling 2FA, however, the accounts table in /opt/spider/db/settings.db shows:

    username      otp_enabled   otp_secret
    ------------  ------------  ------------------------
    admin         1             c2TKSuZH8dYK2vod
    auditor       0
So no changes have been made to the intended auditor user, BUT the OTP secret for the admin user has been updated! Consequently I was unable to log in as the admin user, as the OTP was incorrect and there was no way to disable 2FA.
I ultimately enabled 2FA for the auditor user by logging in as auditor and selecting Preferences > 2FA.
Incidentally, I was able to disable the auditor user while logged in as admin by selecting Accounts > auditor > Settings > Enable account, so that action is targeting the auditor user. Why not for 2FA?
Regards, Steve.
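The failure described in this post is a target-account mix-up: the 2FA write is keyed on the logged-in session user instead of the account selected in the UI. The following added example (not Spider's or iRedMail's own code; the real schema and handler are not shown on this page, so the three-column accounts table, the ADMIN_USERS set and the secret values are constructed assumptions) reproduces the symptom against an in-memory SQLite table and shows the regression check a maintainer would want: after enabling 2FA for one account, no other row may change.

```python
import secrets
import sqlite3

# Constructed stand-in for the accounts table in settings.db (assumption: the
# three columns the post lists; the real schema is not on the page).
SCHEMA = ("CREATE TABLE accounts (username TEXT PRIMARY KEY, "
          "otp_enabled INTEGER NOT NULL DEFAULT 0, otp_secret TEXT)")
ADMIN_USERS = {"admin"}  # assumption: which accounts may edit other accounts


def fresh_db():
    """Seed the two accounts from the post with constructed secret values."""
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    db.executemany("INSERT INTO accounts VALUES (?, ?, ?)",
                   [("admin", 1, "CONSTRUCTED-ADMIN-SECRET"), ("auditor", 0, None)])
    return db


def new_secret():
    return secrets.token_urlsafe(12)  # 16 URL-safe characters, like the post's values


def enable_2fa_buggy(db, session_user, target_user):
    """Reproduces the symptom: the UPDATE is keyed on the session user, so
    'Accounts > auditor > 2FA' rotates the admin's secret and leaves auditor alone."""
    db.execute("UPDATE accounts SET otp_enabled = 1, otp_secret = ? WHERE username = ?",
               (new_secret(), session_user))


def enable_2fa_fixed(db, session_user, target_user):
    """Keys the write on the selected account; only admins may edit other accounts."""
    if target_user != session_user and session_user not in ADMIN_USERS:
        raise PermissionError("only admins may change another account's 2FA")
    cur = db.execute("UPDATE accounts SET otp_enabled = 1, otp_secret = ? WHERE username = ?",
                     (new_secret(), target_user))
    if cur.rowcount != 1:  # unknown target: fail loudly instead of silently doing nothing
        raise LookupError(f"no such account: {target_user}")


def snapshot(db):
    """username -> (otp_enabled, otp_secret), for before/after comparison."""
    return {u: (e, s) for u, e, s in
            db.execute("SELECT username, otp_enabled, otp_secret FROM accounts")}


def unexpected_changes(before, after, target_user):
    """Regression check: every row other than the target must be byte-for-byte unchanged."""
    return sorted(u for u in before if u != target_user and before[u] != after[u])
```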