Two factor authentication issue


#1

Dear Admins,
I enabled 2FA on my AppleTalk account, using 1Password as the code generator.
Attempting to log in from a different device netted me errors advising each code can be used only once, or that the code is incorrect.
Attempting to disable it from an already logged in device again suggests the code is incorrect (I’m copy/pasting the code well within the expiry time, just to be clear)

I’m kind of boned here - can’t log in, can’t disable it so I can log in.

Please help?


#2

Interesting. I just tried to enable it using 1Password and got an error that the code was no good either. Paging @bennyling?


#3

Uhh this isn’t something I’ve tested personally, but we haven’t made any changes to it so it should, as they say, just work.

I’ll take a look a little later today and report back.


#4

wipes sweat off brow

Well, what a journey that was.

Turns out, our server hasn’t been using NTP for whatever reason, meaning we were 98 seconds out from what the actual time was.

TOTP used in Discourse for 2FA has something like a 30-second grace period, but 98 seconds? No bueno.

Anyway, I’ve fixed that now, and 2FA should now work normally. Let me know if you’re still having issues with it.


#5

Thanks @bennyling!
Can confirm, working now - appreciated.


#6

Ah - great. Sounds like you had a bit of a saga to work it out, but at least it wasn’t a big issue? :grimacing:


#7

Yeah, wasn’t too bad in the end. Learned a few things too, which is always a plus!