Hi,
See the relevant FAQ in the FAQ list (here: https://ww.wp.xz.cn/plugins/two-factor-authentication/#faq ).
Did the codes used to work? The TOTP protocol relies only upon the initial sharing of the private key (which, if it worked once, happened) and the server and device agreeing (within a minute or so) on the current time. So, check your device’s time. Experience in providing support shows that lots of people who think they have correct time, don’t. (Though of course until you can get in, you can only check it on your app’s device, not the server).
David
Thanks, but truthfully that is no help to me at all. I installed the plugin, activated it. Downloaded the authenticater to my phone, scanned the QR code and it picked up the profile. I logged out to check that it was working and nothing… not a single code has worked and trust me I have tried over 60 times now using new codes, older codes, anything and nothing works.
Oh dear… there’s a reason why on the setup page it says, first thing, in bold “If you activate two-factor authentication, then verify that your two-factor application is showing the same One Time Password as shown on this page before you log out”. But that’s water under the bridge now…
As it says in the FAQ, you can just add this near the top of your wp-config.php:
define('TWO_FACTOR_DISABLE', true);
Alternatively, de-activate the plugin using FTP or your web hosting file manager, by renaming the plugin’s directory. (Your site front-end will then not display until you log in to wp-admin, so do that immediately afterwards).
David
Thank you! That worked. As you assumed, the timezones are two hours off, which is what the issue is.
I’ll be sure to check those settings and get it installed correctly tomorrow.
Much appreciated for the late responses!
You’re welcome! If you like the plugin, please do give us a 5-star review – every contribution helps!
