Disabling 2FA when you are locked out

Really Simple Security has the option to enforce 2FA (Two-Factor Authentication) to protect accounts from unauthorized access when your password is stolen. If for some reason you are unable to receive the required 2FA codes, you will be locked out of your website.

For example: You lost access to your phone with the TOTP (Authenticator) app, or 2FA was required for your account and the Grace Period to configure 2FA has expired.

To disable 2FA in Really Simple Security and regain access to the site:

  • Create an empty file in the /wp-content/ folder of your website, and call it rsssl-safe-mode.lock.
  • The 2FA checks from Really Simple Security will be disabled as long as the file is present.


After logging in and resetting the 2FA settings for your Account (Login Protection -> Two-Factor Authentication -> Users -> Reset), you can safely remove the .lock file from the /wp-content/ directory to re-activate 2FA.
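Because the 2FA checks stay disabled for as long as the file is present, a forgotten lock file leaves every account on the site without 2FA. The audit script below is an added example, not part of Really Simple Security; it assumes the default `<site root>/wp-content` layout, and the function names and the age threshold are illustrative.

```shell
#!/bin/sh
# Added example: audit WordPress roots for a leftover rsssl-safe-mode.lock.
# Assumption: each site uses the default <root>/wp-content layout.
# Function names and the age threshold are illustrative, not plugin features.

LOCK_NAME="rsssl-safe-mode.lock"

# stale_safe_mode_locks MAX_AGE_MINUTES ROOT...
# Prints the path of every lock file last modified more than
# MAX_AGE_MINUTES ago. Roots without a wp-content directory are skipped.
stale_safe_mode_locks() {
    max_age=$1
    shift
    for root in "$@"; do
        dir="$root/wp-content"
        [ -d "$dir" ] || continue
        # -maxdepth 1: the lock file only counts directly inside wp-content.
        find "$dir" -maxdepth 1 -type f -name "$LOCK_NAME" -mmin "+$max_age"
    done
}

# audit_safe_mode MAX_AGE_MINUTES ROOT...
# Returns 0 when no stale lock exists; otherwise lists the offending
# files on stderr and returns 1, so cron or a monitoring agent can alert.
audit_safe_mode() {
    stale=$(stale_safe_mode_locks "$@")
    if [ -n "$stale" ]; then
        printf '2FA safe mode still active:\n%s\n' "$stale" >&2
        return 1
    fi
    return 0
}
```

Source the file and call `audit_safe_mode 60` followed by your site roots; a recently created lock file (a recovery in progress) passes, while one older than the threshold fails the check.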
