Submit Feedback
Legacy Knowledge Base
Published Jun. 30, 2025

Incorrectly set email service prevents admin from finishing Multi-Factor Authentication process

Written By

Ricardo Couso

How To articles are not official guidelines or officially supporteddocumentation. They are community-contributed content and may not alwaysreflect the latest updates to Liferay DXP. We welcome your feedback toimprove How to articles!

While we make every effort to ensure this Knowledge Base is accurate, itmay not always reflect the most recent updates or official guidelines.We appreciate your understanding and encourage you to reach out with anyfeedback or concerns.

Legacy Article

You are viewing an article from our legacy "FastTrack"publication program, made available for informational purposes. Articlesin this program were published without a requirement for independentediting or verification and are provided "as is" withoutguarantee.

Before using any information from this article, independently verify itssuitability for your situation and project.

NOTE: This article is an INTERNAL article and is not visible to customers, currently. Please only link this article in internal comments, but not public comments.

Issue

  • Multi-Factor Authentication (MFA) requires the user to follow up with a sent email to finish authentication.
  • Email service was incorrectly set in Server Administration > Mail preventing the administrator to log in.
  • How can the administrator log in to fix the Email service configuration?

Environment

  • Liferay DXP 7.4, 7.3

Resolution

  • If there are other administrators, they should try to log in and disable MFA until the email service is correctly configured.
  • If that is not possible, the other option is to disable MFA with OSGi config files:
    1. Execute the SQL query:
      select * from Configuration_ where configurationid like 'com.liferay.multi.factor.authentication.email.otp.configuration.MFAEmailOTPConfiguration%'
    2. Create a new file for each of the results with:
      • File name: the value of the column configurationid from previous query adding the extension .config.
      • Content:the value of the column dictionary but changing enabled=B"true" to enabled=B"false".
    3. Create another file with:
      • File name: com.liferay.multi.factor.authentication.web.internal.system.configuration.MFASystemConfiguration.config
      • Content: 
        disableGlobally=B"true"
        service.pid="com.liferay.multi.factor.authentication.web.internal.system.configuration.MFASystemConfiguration"
    4. Stop the server.
    5. Place the created .config files in the directory $LIFERAY_HOME/osgi/configs/.
    6. In portal-ext.properties set setup.wizard.enabled=true.
    7. Start the server and follow the wizard to establish the admin data.
    8. Stop the server.
    9. Delete the file portal-wizard.properties that has been created and set setup.wizard.enabled=false in portal-ext.properties.
    10. Start the server and set the new password.
    11. Stop the server again and delete the .config files added to $LIFERAY_HOME/osgi/configs/ before.
    12. Start the server again.
  • If MFA is needed again it will be necessary to uncheck the configuration Disable Multi-Factor Authentication in Control Panel > System Settings > Security > Multi-Factor Authentication, before setting the option in Control Panel > Instance Settings > Security > Multi-Factor Authentication.

Additional Information

Did this article resolve your issue ?
Legacy Knowledge Base
Did this article resolve your issue ?