Unable to enable 2fa

iflo
iflo
Community Member

Hi there, I am trying to turn on 2fa but whenever I enter the 6 digit number it tells me it is incorrect. I have tried Authy, Microsoft Authenticator and Google Authenticator all with the same result. I have checked my phone time is correct and it is indeed synced with Google's time (Google Authenticator even has a "check your time" feature). I wonder if there is a GMT issue as I am based in the UK?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • iflo
    iflo
    Community Member

    Further to my previous comment, I installed Authy on my desktop PC and linked it to my phone. I used Authy on desktop to create the code for 1password and it has now enabled 2FA on 1Password. Funnily enough, the code shown on Authy desktop matches the one on my phone, so I have no idea what's going on now. Anyway, it's enabled - let's hope that's it working now!

  • AGAlumB
    AGAlumB
    1Password Alumni

    @iflo: Thanks for getting in touch. While I'm glad you got it working, I wanted to offer a few thoughts that might be helpful anyway.

    The TOTP (Time-based One-Time Password) standard, which we're using, factors the actual time into the calculation which, along with the static TOTP secret (either represented by a QR code or text) to generate the one-time code you use to sign in. These generally expire and are completely useless after a relatively short period of time (30-90 seconds is typical), so if your date/time/zone settings are off it can result in the codes generated being unusable. For example, if my time is 59 seconds slow, the clock may look right to me but by the time I enter the code, it's likely it will be expired. So that's the first thing I would check.

    However, it's worth noting that you will only need to use two-factor when signing in to the app/browser the first time; after that, you just need to enter your Master Password (unless you're resetting something). So that can allow you a way to get in to disable the feature in a browser you've already signed into.

    I hope this helps. Be sure to let me know if you have any other questions! :)

  • iflo
    iflo
    Community Member

    Hi Brenty, thanks for the reply. I saw the other “check your time” issues in the queue so I’d gone to great pains to check mine was correct. The suggested time check website claimed my phone time was 0.3 seconds out so surely well within tolerance. Google authenticator also reported my time as being correct.

    It’s very odd! What I don’t get is that now its enabled it seems to be happy enough with the codes generated by my phone as I’ve used it to unlock another device. It staunchly refused to enable until I used desktop Authy and now it’s fine on both phone and desktop.

    Anyway, all is good now, thanks.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Glad to hear it! 0.3 seconds is not correct though. I always recommend setting in manually just to remove any room for error. Wi-Fi-only devices especially don't sync consistently, and all devices have drift over time. Worth a shot if you run into any further issues. Cheers! :)

This discussion has been closed.