Reset TOTP secret key

Contributors netapp-ahibbard

To protect your account security, if your TOTP secret key is compromised or lost, you should disable it and create a new one.

Reset TOTP if your key is compromised

If your TOTP secret key is compromised, but you still have access to it, you can remove the compromised key and create a new one.

  1. Log in to your user account with your user password or SSH public key and your compromised TOTP secret key.

  2. Remove the compromised TOTP secret key:

    security login totp delete -vserver <svm_name> -username <account_username>

  3. Create a new TOTP secret key:

    security login totp create -vserver <svm_name> -username <account_username>

  4. Verify that the TOTP configuration is enabled on your account:

    security login totp show -vserver <svm_name> -username <account_username>
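
Why the old key has to be deleted and replaced, shown as an added example (not NetApp code): a generic RFC 6238 TOTP in Python, where any copy of the secret key produces valid codes until the server stops storing that key. The HMAC-SHA1 algorithm, 30-second step, 6-digit codes and the sample keys are assumptions made for the illustration, not ONTAP's documented settings.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (RFC 6238 default; assumed, not from the page)
DIGITS = 6   # code length (assumed)

# Constructed sample keys; OLD_KEY is the published RFC 6238 test secret.
OLD_KEY = b"12345678901234567890"
NEW_KEY = b"constructed-new-key!"


def totp(secret: bytes, unix_time: int, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 and RFC 4226 dynamic truncation."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, code: str, unix_time: int, window: int = 1) -> bool:
    """Accept the current step and +/- `window` steps to absorb clock drift."""
    times = (unix_time + d * STEP for d in range(-window, window + 1))
    return any(
        hmac.compare_digest(totp(secret, t), code) for t in times if t >= 0
    )


def rotation_demo(old_key: bytes, new_key: bytes, now: int) -> dict:
    """Check a code made from a copy of the old key before and after the reset."""
    code_from_copy = totp(bytes(old_key), now)   # a copy of the key is the factor
    return {
        # Server still stores the old key: the copy authenticates.
        "copy_accepted_before_reset": verify(old_key, code_from_copy, now),
        # Old key deleted, new key created: the same code is rejected.
        "copy_accepted_after_reset": verify(new_key, code_from_copy, now),
        # The enrolled device must hold the new key to pass again.
        "new_key_accepted": verify(new_key, totp(new_key, now), now),
    }


if __name__ == "__main__":
    print(rotation_demo(OLD_KEY, NEW_KEY, now=59))
```
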

Reset TOTP if your key is lost

If your TOTP secret key is lost, contact your storage administrator to have the key disabled. After your key is disabled, you can use your first authentication method to log in and configure a new TOTP.

Before you begin

The TOTP secret key must be disabled by a storage administrator. If you do not have a storage administrator account, contact your storage administrator to have the key disabled.

Steps

  1. After the TOTP secret is disabled by a storage administrator, use your primary authentication method to log in to your local account.

  2. Create a new TOTP secret key:

    security login totp create -vserver <svm_name> -username <account_username>

  3. Verify that the TOTP configuration is enabled on your account:

    security login totp show -vserver <svm_name> -username <account_username>