[DigitalPoint] Security

[DigitalPoint] Security 1.2.0.3

No permission to download
Having issues with the Authy App where when trying to verifiy adding the 2FA with the generated code I get the message:-

The two-step verification value could not be confirmed. Please try again.
Authy app (iPhone) had issues with the QR code for my site... and I went around and around with them and they eventually said that they fixed it.


I kicked Authy to the curb and now use the YubiKey app and 1FAS Auth (which backs up to iCloud).
 
Hi @digitalpoint

I am receiving errors when I trying to verify my passkey but it’s showing this error

The two-step verification value could not be confirmed. Please try again.

IMG_0284.webp
IMG_0074.webpIMG_0279.webp

also I am not receiving any errors in adminCP and I am using iOS Safari and iPadOS Safari

also sometimes this happens on edge!
 
Have you tried dropping down to a more reasonable level of trusting the device.. you know, a more standard 30-90 day period?
 
Well, I’d say the best thing to do would be to test a passkey from a test account. Then you can at least see if it’s specific to the server or the user.
 
Another thing you may want to test if you can is to add a second passkey to the same account and see if that one works (maybe it’s something about that individual passkey somehow).
 
Just thought of something else you could check... if you have something that could be altering the network request before it hits your server, that could be an issue too. Some suspects:
  • browser extensions/ad blocker
  • something like Cloudflare and you have it's "security level" cranked up
  • mod_security (or something similar) installed with your server
Long story short is there is a JSON payload that needs to make it to your server, so if you have something that is looking for anything that might look "suspect" and blocking/altering it, it's going to break the underlying function.
 
Is it specific to a single account (do you have a test account you could test it on)?
It’s looks like it’s all the account if you enabled security passkey when using apple passkey! I have test it on GameNet account and administrator account still showing the same error!

browser extensions/ad blocker
I do use ad-blocker as I am not a big fan of scams and misleading ad but its still showing me the error!

something like Cloudflare
I don’t use Cloudflare at the moment and but I do have plans to enable in the future!

mod_security (or something similar) installed with your server
I have already turned off Mod Security but its still showing the same error!
IMG_0287.webp

something similar) installed with your server
I have just already tried to disable all add-on except your security add-on and its still showing the same error!

IMG_0288.webp
I am not sure what’s going on!
 
Maybe try deleting the passkey and readding after you disabled things like mod_security. I suppose it’s possible the passkey info was kicked by something during the process that saves it when you set it up.

FWIW, I just went through the process with an iPhone Passkey (saved to iCloud), and creation worked as expected and I was able to log out and back in (and authenticate with it) without any issues. Tried it just now…
 
FWIW, I just went through the process with an iPhone Passkey (saved to iCloud), and creation worked as expected and I was able to log out and back in (and authenticate with it) without any issues. Tried it just now…
Have you test this on XenShop
 
its not working on my side

here a video what’s I meant

To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.
 
Back
Top Bottom