TOTP no longer valid for Thycotic SecretServer Cloud Logins

Hello,

1Password for Windows, v. 7.4.763
Windows 10 Pro v. 1903
Firefox 75.0 64-bit
Chrome 81.0.4044.92 (Official Build) (64-bit)

I've been using time-based one-time passwords saved in 1Password on two accounts for Thycotic's Secret Server Cloud, example URL https://vanityname.secretservercloud.com/ . Starting yesterday, my TOTP codes for both accounts were found invalid each time I used them. I had to have another admin remove TOTP from my account to restore my access. I move the TOTP from 1Password to Microsoft Authenticator and it works without a problem, however I don't want to use my phone as I'd rather use a soft token.

Below is an example of trying to re-establish the TOTP with the 1Password soft token. I've tried many times with new codes, etc.


1Password Version: 7.4.763
Extension Version: 4.7.5.90
OS Version: Windows 10 Pro v. 1903
Sync Type: 1Password membership

Comments

  • GregGreg

    Team Member

    Hi @Randolfini,

    Thank you for contacting us!

    Does this happen with all 2FA codes you store in 1Password or with Thycotic's Secret Server Cloud's ones only? Please let us know.

    The thing is that one time 2FA codes are time-based, so please make sure that you have correct time zone and time settings set on your computer. If they are off, one-time codes will not work.

    Let me know what you find. Thanks! :+1:

    ++
    Greg

  • I've only noticed it with Thycotic's Secret Server Cloud's. I tested just now with Sophos Central and that works ok with TOTP from 1Password.

    My time is all sync'd up, I'm in EDT so nothing has changed there, just double checked.

  • bundtkatebundtkate

    Team Member

    This sort of problem is almost always a time issue, @Randolfini. Most commonly, it will impact all TOTPs, but that all depends on just how forgiving the site is for what it will accept. Most sites will accept any TOTP that was valid within the past X seconds and the value of X dictates how far off your system time needs to be before you start having trouble. Most are forgiving enough that you need to have your time off by nearly a minute at least, but some have tighter requirements and will start having issues with time off only by seconds. Of course, you're not going to notice this unless you stare at your phone's time and your PC's time and wait for the minute to roll over so I generally recommend giving your time settings a kick in the butt regardless. It's just such a common issue and trying the fix is easier than fussing over whether your time is off and by how much. With that said, here's the fix:

    1. Open date and time settings in Windows settings.
    2. Toggle off all of the "automatically set" settings.
    3. Toggle them back on.

    I've also noticed that Windows added a button to sync your time sometime recently, which may also work. I haven't had my time drift since it popped up so haven't been able to test it, but it might be worth a go too. After you've triggered a resync, though, give that TOTP another try and let me know if it works. :+1:

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file