Urgent – Lost Super Admin MFA Access After Employee Departure

ricardo.pedrosa · June 3, 2025, 2:08pm

What is the name of the domain?

What is the error number?

MFA token

What is the issue you’re encountering

“Lost access to Super Admin MFA after employee departure”

What steps have you taken to resolve the issue?

Hello,
After the departure of a former employee, we have lost access to the MFA device linked to the Super Admin account.

We urgently need to recover full access to our Cloudflare account and ensure that only current company employees have access.

Requesting:

Reset of the Super Admin MFA.

Review and removal of any unauthorized external access.

Restrict access to company email domain only , i need back the account of superadmin2

Please treat this request as urgent.

What are the steps to reproduce the issue?

“Super Admin account requires MFA, but the device is no longer available after employee departure.”

chloe2 · June 3, 2025, 2:11pm

Need help with this as well!

ricardo.pedrosa · June 3, 2025, 2:14pm

Yes , i need help about this.

epic.network · June 4, 2025, 1:23pm

Welcome to the Cloudflare Community.

When you enabled 2FA you would have been given a list of recovery codes. You should first try to use one of those to access your account.

If you do not have backup codes then login with your username and password. When you reach the screen to input your 2FA code, click ‘Can’t access your 2FA device or backup codes’.

This will then walk you through the process to recover access to your account. You will need to verify your email and verify a device you have used previously to login. It will then take 3-5 days for Cloudflare to review your request.

matt147 · June 5, 2025, 5:40am

Curious,

What’s the procedure if you don’t have a device previously used to verify? I see some providers will verify email, and send another email to that 2FA scheduled to be deactivated after 72hrs etc..
which seems a pragmatic balance.

epic.network · June 5, 2025, 1:16pm

It depends, but in the worst case scenario the only option is to start over in a new account. That is why it is crucial to safely store emergency MFA recovery codes. It is also advisable to have more than one user with super administrator access to the account.

Even when another option to manually reset the MFA exists, it still far more disruptive than being able to self-recover with emergency one-time use codes.

system · June 7, 2025, 1:17pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
MFA doesn't accept the code after changing SA admin email Dashboard	1	2116	October 27, 2021
Can't login to super administrator account General	3	2886	November 2, 2020
All admins have left business, have not left credentials and have 2FA on their accounts Dashboard	2	650	October 8, 2023
Unable to access our account General	2	658	September 25, 2023
Lost superadmin access Access	10	77	November 22, 2024