Fixed User's IP is not recorded after password authentication, but before 2FA completes

Affected version


Well-known member
If a user has 2FA enabled, the IP is only recorded after 2FA completes and not after the username/passwords has been entered.

This makes detecting from log when a user's password is compromised but 2FA prevents the login very hard.

Finally, as these are separate requests; it could be over multiple/seperate IPs.

XF Bug Bot

XenForo bug fixer bot
Staff member
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.1.10).

Change log:
Log IP when TFA check is triggered
There may be a delay before changes are rolled out to the XenForo Community.