help!One-time password all invalid!!

All the one-time passwords are successfully bound, and now all accounts are prompted that the security code is invalid!!


1Password Version: 7.8.1
Extension Version: Not Provided
OS Version: os 10.15.7
Sync Type: Not Provided

Comments

  • Unbind and re-bind, the verification is invalid

  • MrCMrC Community Moderator

    @kfcimc

    Your system’s time is incorrect. Be sure it is being sync’d to a time server.

  • ag_tommyag_tommy

    Team Member

    @kfcimc

    I would agree 100% with MrC suggestion. https://time.is may be helpful.

  • Hi,

    i have the same problem... literaly over 50 OTPs not working anymore. It's a very critical Situation because i can't access important Websites or Servers anymore.

    It's no solution to rebind them again. Also (!) i can't even rebind them because every OTP after scanning the QR-Code is wrong.

    best regards

  • @vanc This is usually due to your device not havng the correct time. Check the time against a time server and that the time zone is correctly set.

  • @rootzero can you tell me how i set my time right? Im in germany and all my Devices (MacBook, Win, Linux, Android) are getting their time automatically right now.

  • ag_anaag_ana

    Team Member

    @vanc:

    Indeed, I would also recommend checking if the time is the same on all of your devices. 2FA is very time-sensitive, so any drift in time on any of your devices could cause the authenticator codes to be rejected.

    A good resource that makes it easy to check this is the following website:

    https://time.is/
    

    After making sure the time is the same on every one of your devices, your authenticator codes should be accepted.

  • @ag_ana thanks for your response.

    i receive my time from Microsoft or Apple Servers for Years working with 1Password OTP. Why it is a Problem now...?

    I've set my time with time.is and i only have a discrepancy of 0,2 seconds. It still not working for me.

    How often does this problem come up in the future?

    I'm aware of the physics and why time is shifting over years, but wouldn't it be a better answer to say: Apple, Microsoft has to shift their servers so millions of 1Password users don't have to set their time to time.is?

    Best Regards

  • ag_anaag_ana

    Team Member

    @vanc:

    My understanding is that even if you have your time synced, this can change over time in your operating system, even if the time is correct on the server. I have seen this happen most often with Windows devices, and usually fixing the time manually once is enough to get the time to sync again. It happened to me too during one of the last operating system updates if I am not mistaken.

    Do you perhaps use 1Password on multiple devices? If you do, do you see different OTP codes on each device?

  • vancvanc
    edited August 16

    @ag_ana

    Yes. As i mentioned earlier i'm using my Android-Phone and my MacBook to Work remote. Because i'm at home today i also have access to my Windows machine too.

    All Devices are showing the same OTP. I've been setting up a new Docker container with GitLab. Therefore i've created a new User and wanted to setup my 2FA-Authentication. When i try to scan the QR-Code with my Android phone and typing the code into the Setup field it already claiming the OTP-Code is invalid. The same problem happens, when i try to set it the 2FA up with my MacBook or Windows machine.

    I think something has changed with recent update of 1Passwort itself.

    thanks for your patience

    Best regards

  • ag_anaag_ana

    Team Member

    @vanc:

    For confirmation, is this all happening inside Docker containers, or even on regular websites that you visit in your browser (and OTPs that you have already configured in 1Password, instead of new ones like the GitLab one in this case).

  • I'm sorry if I'm jumping into this discussion here with my info.

    I also had a broken one-time password today and I hope it's not a bug in the application. – 1Password 7.8.7 (macOS)

    The time on my MacBook is correct.

    I had added a new entry to an object in the saved form details, hoping that this would be filled in when logging in to the website. But anyway.

    After that editing, the one-time password of this object no longer worked from my MacBook. On my iPhone the one-time password was still correct, because I only synchronize locally via WLAN. — Fortunately, a synchronization was not yet triggered and I did not want to trigger, because I assume that then also the object on the iPhone is broken.

    On the iPhone, unfortunately, I could not use 1Password to display the one time password secret or generate a QR code to restore the one-time password on the MacBook. :-( — I don't know if this is possible with 1Password at all.

  • ag_anaag_ana

    Team Member

    @d_stone:

    You say that this started happening right after you edited this entry in 1Password. Have you tried reverting that edit to see if that was indeed what caused the issue?

  • Yes, correct. After the edit I noticed the problem. with the one-time password, which is also stored in this entry of 1Password, because I need it on other login pages of the customer.

    I wanted to try that 1Password already enters the fixed PIN in the last field before the RSA token. The token must then be typed via hardware dongel. This did not worked and I, because I like the web form details cleaned, removed this again and typed it in manually in the website again.

    A short time later I needed the one-time password and found the broken one-time password.

  • ag_anaag_ana

    Team Member

    @d_stone:

    Is the time of your Mac, the one reported by https://time.is, correct within 30 seconds?

  • +0,9 seconds ahead

  • It is possible that the clock was not quite in sync yesterday. But I had looked yesterday, after the "incident", everything was correct. But I can't say it exactly, because I didn't have the focus on it and I wasn't aware of the dependency of my system clock to the password.

    Suppose that happens to me/us again. Does 1Password synchronize the one-time password with the system time continuously or only when editing the entry?

  • BenBen AWS Team

    Team Member

    @d_stone

    TOTP codes are always generated based on the current system time. Editing the item does not impact that. I hope that helps clarify. Thanks!

    Ben

  • Hi @Ben,
    that means, maybe this one-time password wasn't broken, but only for a short time my system time was out of sync. It could have been fixed without creating a new one-time password entry.

    In any case, I'll pay attention to it next time. But I hope it never happens again ;)

  • ag_tommyag_tommy

    Team Member

    Sounds good and here's to it not happening again.

  • A short final update from my side on this topic
    In the company network the company MacBook does not reach the time server and thus the time is out of sync.
    Because of that the one-time passwords are no longer correct and after the system time is synchronized again, everything is correct again.

    Thanks for your good support. That this is related is an important realization and I understand this relationship now. :)

  • ag_anaag_ana

    Team Member

    In the company network the company MacBook does not reach the time server and thus the time is out of sync.
    Because of that the one-time passwords are no longer correct and after the system time is synchronized again, everything is correct again.

    Thank you for the update @d_stone :)

    Thanks for your good support. That this is related is an important realization and I understand this relationship now. :)

    On behalf of Ben and Tommy as well, you are welcome!

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file