Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 26 subscribers
  • Views 1948 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OTP Default token timestep

@wajdiaa

I've tested a couple of XG 18.04 and obtained the same results: 

When the timestep in seconds is changed for example from 30 to 60 seconds, 2FA stops validating even though I rescan the QR to update the token info. Switching back to the default 30 seconds and rescanning brings the system back online.

The Message of the error in GUI is: OTP token synchronization failed: timeoffset could not be written

Is this a bug?

Timestep
Default token timestep in seconds: Seconds(10 - 300)
Maximum passcode offset steps: (0 - 10)
Maximum initial passcode offset steps: (0 - 600)


This thread was automatically locked due to age.
  • 0

    Hello there,

    Thank you for contacting the Sophos Community.

    I am running on 18.0 MR5 and I did the following and worked fine.

    1.- Enabled OTP for all Users

    2.- Left the default 30 seconds

    3.- Access with the User to the User Portal and Scanned the QRcode

    4.- Access the User Portal after entering password+OTP

    5.- Changed the OTP timestamp to 60 seconds

    6.- For the test user I clicked the OTP time-offset synchronization and entered the current OTP

    7. Access the User Porta with Password+OTP

    Are you following the same steps? 

    Regards,

  • 0 in reply to emmosophos

    Hi, not really the same as above since I already had OTP activated for a selected number of users. 

    Users that were already using OTP faced the issue after changing to 60 seconds. When I do a Timeoffset sync, I get the error. 

  • 0 in reply to @wajdiaa

    Hello there,

    I access and authenticated first with the Test user, and then changed the Time-offset.

    I would recommend you open a case to get this investigated or if you already have one, share it with me to see what has been done already.

    Regards,