XF 1.5 Two-Step Verification problem

ŽivaAkcija

Well-known member
its failed on my test forum, all given codes over phone failed, and my acc its locked.

oie_a1biep8jhjfe-png.111129


And after @Chris D suggested
Code:
 $config['enableTfa'] = false;
here XF 1.5 - Two-Step Verification and Security Improvements got another problems with error.

Code:
Parse error: syntax error, unexpected '$config' (T_VARIABLE) in /home/ateist/public_html/klub/library/config.php on line 1
 
Rather than disabling 2fa, it might be worth trying to solve the actual problem.

My initial suggestion was that the time could be incorrect. Is the server time and time zone correct?

If it isn't please adjust and try again.

The config error. This is simply a case of some sort of error you've introduced while editing the file.

Use a proper text editor like Notepad or Notepad++. Make sure it is added to the bottom of the config.php file.
 
Your config file looks correct so it is likely something malforming the file. Try a different editor yet again on a copy of the config file copied from your live site (adjusting the credentials accordingly). Also try uploading with a different FTP file.
 
You should be able to log in now without 2FA.

Now what is probably:

I believe the server time being skewed can cause this, though really if it worked he first time when setting it up, it should work again.
And
My initial suggestion was that the time could be incorrect. Is the server time and time zone correct?

Make sure the following is correct:
  • Time / date and timezone on your server is correct
  • Time / date and timezone on your authenticator device (e.g. smartphone) is correct
Once you have done that, disable the 2FA on your account. Then remove the line you added to config.php.

Then, set up 2FA again.
 
Does it let you enable 2fa for your account in the first place? If so there should be no logical reason for it to not work subsequently. To enable 2fa you essentially have to follow the same process as log in. It leads me to believe that you must not be entering the correct codes in time.

If the test board is available online submit a ticket from your customer area with all log in details and we will take a look.
 
I have responded.

Short version of what I've just said in the ticket:

Your server time is out by approximately 20-25 seconds. My code was only being accepted once the timer in my Authy app ran down to about 5 seconds.
 
I have responded.

Short version of what I've just said in the ticket:

Your server time is out by approximately 20-25 seconds. My code was only being accepted once the timer in my Authy app ran down to about 5 seconds.
Had the same exact problem. I synced my server time to time-a.nist.gov (it was the first one to respond), and same thing happens. Running Windows Server 2012 R2 64-bit.
 
Last edited:
Did you verify the time actually changed after syncing it with the NTP source?

For it to have had no effect it would seem to me that perhaps it didn't.

Depending on the exact Windows environment and how it is set up, a local time server may be taking precedence.

I suppose the easiest test is to see if it works by manually adjusting the time by 20 seconds or so.
 
Did you verify the time actually changed after syncing it with the NTP source?

For it to have had no effect it would seem to me that perhaps it didn't.

Depending on the exact Windows environment and how it is set up, a local time server may be taking precedence.

I suppose the easiest test is to see if it works by manually adjusting the time by 20 seconds or so.
I didn't actually see it change, but it said that it did.
I will add 10 seconds to the system time.
 
I've also seen this myself using Liam's TF add-on. Started getting intermittent success when logging in. Turned out my phone wasn't syncing the time with the carrier, so it wondered by over 30 seconds.
 
Top Bottom