I am having issues with two-factor authentication.
I just enabled two-factor authentication with a yubikey on my mac and an authenticator on my iphone. But when I use the code provided I get an error message that the codes are incorrect. This occurs on both devices. I am running Mojave on my mac and version 12.1 on my iphone. The iphone uses google authenticator.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Mojave
Sync Type: Not Provided
Referrer: forum-search:two factor authentication
Comments
-
@seforimblog: Indeed, if the date/time/zone is even a little bit off, it can have a negative impact on the first T in TOTP: Time-based One-Time Passwords. If the "automatic" setting isn't allowing the authenticator app to generate valid codes, try setting it manually.
0 -
@brenty I'm having this same problem. I was originally on Google Authenticator, then recently got a Yubikey 5 NFC and switched over. Ever since I did, I always get incorrect authenticator code. Unfortunately, I don't think it's a automatic/time setting since I have the issue on the same phone just a different authentication method now. I'm also having the issue with codes from the Yubico Authenticator for desktop. Both my computer and phone are on automatic date/time setting. I have a family account, but I'm the only administrator; what can I do?
0 -
@tushark: I suggest you set the date/time/zone manually. In literally every other case where someone was having trouble generating valid codes, that was the problem. 1Password is using an open standard for this, and it hasn't changed. There are only three components to this: the TOTP secret, date/time/zone settings, and the programming used to generate the one-time password from those. So unless you entered your TOTP secret incorrectly or there's a bug in Yubikey's implementation (we haven't had any reports from others to that effect), the only variable left is time.
0 -
@brenty ok, figured out the problem. It seems to be that it wasn't the 2FA, but rather that something is wrong with the cache/cookies. weirdly, I can't sign in from my family domain, but my.1password.com works fine (or opening up the family domain in an incognito window). I've cleared the cookies for 1password and it solved the problem.
0 -
Oh. Well that's a new one to me. Thanks for the update! If some stale/corrupt data was cached, a "private"/"incognito" tab might work too. It's a bummer that there's another thing to have to worry about causing this kind of trouble, but I'm glad you were able to figure it out and share that tip with us. :)
0