XF 2.2 Authy & 2FA "Token format invalid"

[TPerry]

When trying to use Authy with the Google open source generated QR code, I'm getting this. Google Authenticator and 2FA Authenticator (on my iPhone and my iPad) work fine. The QR code here works fine with Authy also. I do have several of Xon's add-ons installed, but I disabled them and the issue is still present. I should note, I have the same issue when trying to use Authy to validate a QR code on a SonicWall appliance, so this may not be an XF issue but an Authy issue?



Has anyone else seen/suffered this issue?

 

[TPerry]

Ok...chirping of crickets inserted here

It looks more and more like this is an AUTHY (from Twilio) issue, as not only does my IOS devices (IOS 15.1 and15.6 and iPad with 15.6) have issues, but so does my sons new Pixel 6 using Authy. With his phone, the image takes about 15-20 seconds before it even scans in and is recognized as a valid QR token image. When using any other of the multitude of 2FA apps for phone the recognition of the image is immediate.

Needless to say, Twilio is trying to say it's the site (XenForo) that is having issues... only problem with their hypothesis... we are also having the SAME type issue when trying to use Authy with a SonicWall appliance (software running in a VM).
I have an open ticket with them... so we will see what they say.

In the meanwhile, I'm currently have moved to using 2FAS (and recommended several of my clients do the same), and like the fact that it backs the codes up to iCloud. That was one of the main reasons I was using Authy.

 

[TPerry]

AND.... for any that may have this issue, or their users report it to you. It is NOT an XF issue. Twilio support has confirmed that their current version of their Authy app has an issue and that it has been referred to their engineers tor resolution. They had no idea when it would be resolved and an update pushed out.

 

[TPerry]

Well, now Authy has changed their mind... according to them it's an issue with "my software".
Never mind that 2FAS, Microsoft Authenticator, Google Authenticator and LassPass's authenticator have NO issues with reading the QR token for 2FA.... it just HAS to be the script... and all those OTHER apps are using faulty code and reading (and accepting) an invalid token.

 

[Mike Fara]

Well, now Authy has changed their mind... according to them it's an issue with "my software".
Never mind that 2FAS, Microsoft Authenticator, Google Authenticator and LassPass's authenticator have NO issues with reading the QR token for 2FA.... it just HAS to be the script... and all those OTHER apps are using faulty code and reading (and accepting) an invalid token.

As far as I can tell this option just doesn't work right anymore. Who knows what API key they're talking about, because I've tried rerolling the keys, using combinations suggested by ChatGPT: no matter what API key is entered it does not work. I would highly suggest leaving it disabled and just using digitalpoint's Security and Passkey add-on. This will let your users use a Yubikey or Windows Hello for extra security (super useful if you have a fingerprint reader on your laptop etc)

 

[TPerry]

I would highly suggest leaving it disabled and just using digitalpoint's Security and Passkey add-on.

Already do so... and I'm not referring to using the Authy app in their API mode, but in the simple 2FA mode where you can scan the QR code supplied just like with Google Authenticator.