Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 1793 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Two Factor Authentication Issue

Alan Spark

We have an XG 135 running firmware SFOS 18.0.4 MR-4.

Recently we have been testing two factor authentication, with the automatically generated 30 second keys. This has been working for a few people.

Today we had the idea to increase the key timeout from 30 seconds to 60 seconds, and created manual keys under "Authentication / One-time password". This worked for me but one of my colleagues has reported that they can't login with it (after scanning the new QR code into the authentication app), and I see a "because of wrong credentials" error in the logs. If they use the original auto generated 30 second key it works, and if they use an emergency key it works. Another colleague does not have this issue and I see no difference between the way that they keys were created.

Can you please help us to troubleshoot?

Regards,

Alan



This thread was automatically locked due to age.

Top Replies

  • in reply to FormerMember +1 suggested

    Hi Yash,

    We tried this and it was reporting either + or - 2.5 million seconds out!

    This was using Google Authenticator (on Android) and it turns out that this is a known issue with any time step other than 30 seconds: https://support.sophos.com/support/s/article/KB-000036749?language=en_US

    I tried with Google Authenticator on my iPhone and got an "Invalid barcode" error (even with the default 30 seconds) so I am forced to use the Sophos Authenticator app.

    It would be good if these issues could be fixed at some point but we will use the Sophos app for now.

    Regards,

    Alan

    Jump to answer