Skip to content

Allow 2FA user to self delete without first disabling 2FA #1697

New issue
New issue
Open
Change Request
Open
Allow 2FA user to self delete without first disabling 2FA#1697
Change Request
Labels
area: securityChanges related to security advisories and vulnerabilitiespriority: medium
@trichoplax

Description

@trichoplax
trichoplax
opened on Jul 22, 2025

Is your feature request related to a problem? Please describe.
As a quick fix, 2FA has been made to prevent self deletion so that a malicious user cannot bypass 2FA and delete another user's account. However, this means that a user who has 2FA enabled has to briefly leave their account less protected in order to delete it.

Describe the solution you'd like
A 2FA user should be prompted for both password and 2FA code before allowing self deletion, so that 2FA never needs to be disabled. I suggest both password and 2FA so that 2FA doesn't become 1FA if a device is left unlocked and signed in. (If the unlocked device is also the 2FA device, then there's not much we can do to improve things.)

Additional context
Raised following a discussion about how to deal with self deletion of 2FA users to prevent it being forgotten.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area: securityChanges related to security advisories and vulnerabilitiespriority: medium

    Type

    Change Request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions