Reset secret for Google Authenticator on re-enabling.
Currently, if you disable 2FA and enable it again for the same account, the same secret is used (from psa db). That is a security risk if 2FA was disabled because a phone was lost. The next time 2FA is enabled for the same account, a new secret should be generated. Otherwise, the lost phone will still be able to generate a valid code.
Implement this feature as the default behaviour or at least add a "regenerate secret" button.
Related links:
https://talk.plesk.com/threads/how-to-disable-google-multi-factor-authentication-in-mysql.312675/
Thank you for your input! We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG
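The risk described in the request above, as an added example (not Plesk code): a standard RFC 6238 TOTP generator and a hypothetical `Account` record, showing that a code from the previously enrolled device is accepted after re-enabling when the stored secret is reused and rejected when it is regenerated. The class, method and function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, secrets, struct, time

def totp(secret_b32, now, step=30, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1, the scheme Google Authenticator uses."""
    key = base64.b32decode(secret_b32)
    counter = struct.pack(">Q", int(now) // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def new_secret():
    """160-bit random secret, base32-encoded as authenticator apps expect."""
    return base64.b32encode(secrets.token_bytes(20)).decode()

class Account:
    """Hypothetical account record; not Plesk's actual schema."""
    def __init__(self):
        self.secret = None
        self.enabled = False

    def enable_2fa(self, regenerate):
        # Reuse path: a secret left in storage is handed out again.
        if regenerate or self.secret is None:
            self.secret = new_secret()
        self.enabled = True
        return self.secret

    def disable_2fa(self, wipe):
        self.enabled = False
        if wipe:
            self.secret = None  # nothing left to reuse on re-enable

    def verify(self, code, now):
        return self.enabled and hmac.compare_digest(totp(self.secret, now), code)

def lost_phone_code_accepted(regenerate):
    """Enroll, disable, re-enable, then try a code from the old device."""
    acct = Account()
    lost_phone_secret = acct.enable_2fa(regenerate=False)  # held by lost phone
    acct.disable_2fa(wipe=regenerate)
    acct.enable_2fa(regenerate=regenerate)
    now = time.time()
    return acct.verify(totp(lost_phone_secret, now), now)

if __name__ == "__main__":
    print("secret reused      ->", lost_phone_code_accepted(regenerate=False))
    print("secret regenerated ->", lost_phone_code_accepted(regenerate=True))
```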