2FA Issue

  • Resolved robben81

    (@robben81)


    2 years, 10 months ago

    I’m unable to log into my site using Wordfence as I’m getting the following error “CODE INVALID: The 2FA code provided is either expired or invalid. Please try again”.

    The only way I can log in is by renaming the Wordfence plugin folder.

    Looking through Wordfence Diagnostics, the only error I can see is related to connectivity: “wp_remote_post() test back to this server failed! Response was: cURL error 7: Failed to connect to mysite.com port 443 after 0 ms: Couldn’t connect to server”. I had this error before and it worked fine.

    In order to try to resolve this issue, I deactivated 2FA in Wordfence and I then tried to set up 2FA again. I removed the old instance on my authenticator app (Google authenticator) and I scanned the QR code with my phone, I entered the generated code but I’m getting the following error: “Error Activating 2FA” in Wordfence. I tried with multiple generated codes but it’s not working.

    Previously Wordfence and 2FA was working and I was able to log into my site.

    I’m using the following version of Wordfence: 7.10.3

    I wonder if you could advise please.

    Thank you.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    2 years, 10 months ago

    Hi @robben81, thanks for getting in touch and sorry to see you’re having this issue.

    If the wp_remote_post() error is related to IPv6 rather than v4, you will most likely not experience connectivity problems with your site. It’s totally normal to see when, software such as Cloudflare (as one example) assigns an IPv6 address to your site but your host doesn’t give you an IPv6 address.

    It does seem as though something has changed so that your existing 2FA codes became invalid, but we usually expect reactivation to work. As the site can’t verify your new code before even activating 2FA it suggests there’s an issue with time offset on your site or device time.

    The Wordfence plugin tries to apply a time offset, based on our one of our server’s timestamps if NTP isn’t available. If you check Wordfence > Login Security > Settings > General is “NTP” enabled or disabled?

    What values do you see for “Server Time”, “Browser Time” and “Corrected Time” at the bottom of Wordfence > Login Security? If you could paste the output of that here, it could be useful.

    Thanks,
    Peter.

    Thread Starter robben81

    (@robben81)

    2 years, 10 months ago

    Many thanks for your reply.

    NTP is disabled (“NTP is currently disabled as 3 subsequent attempts have failed”). Should I click on the “Reset” button?

    Regarding the “Server Time”, “Browser Time” and “Corrected Time”, it looks ok:

    Server Time: 2023-08-07 17:22:03 UTC (2023-08-07 18:22:03 Europe/London)
    Browser Time: Mon, 07 Aug 2023 17:22:03 GMT (Mon Aug 07 2023 18:22:03 GMT+0100 (British Summer Time))

    Thread Starter robben81

    (@robben81)

    2 years, 10 months ago

    I tried resetting NTP but that didn’t work.

    Is there anything else I should try?

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘2FA Issue’ is closed to new replies.