Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Baboon

364 posts

Ultimate Geek


#251652 4-Jul-2019 23:12
Send private message

But luckily for some reason, iOS Authy generates the same codes a wee bit faster than desktop Authy. Just, and I mean _just_ barely fast enough to not have already been discarded by the Geekzone login server.

I understand the need to discard old 2FA codes, but maybe you should wait for at least a full minute, yeah? :-) This is the very first time I've ever encountered a login server this ultra-zealous with 2FA code discarding. It's kind of funny, but was also really quite annoying till I figured out what the issue was.

Anyway: FYI to the site admins!




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
Affiliate link
 
 
 

Affiliate link: Trade NZ and US shares and funds with Sharesies.
marpada
384 posts

Ultimate Geek


  #2270199 4-Jul-2019 23:37
Send private message

Maybe your desktop time is not accurate, MFA (OTP) relies on client and server having their times (aprox) synced, that's why the tokens are valid for 30s.


Baboon

364 posts

Ultimate Geek


  #2270204 4-Jul-2019 23:52
Send private message

All my devices (PC, iOS, Android mobiles) here flipped over to 11:52pm just now. If they're not in sync, it's only by a few seconds. And all set their time via various time servers.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

michaelmurfy
/dev/ttys0
10977 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #2270207 5-Jul-2019 00:22
Send private message

This is normal. Mauricio and I both experienced different codes on Desktop vs Mobile preventing a login to Geekzone. Appears the Desktop app is buggy.

 

I've found the Google Chrome extension to be a bit better than the full-fledged Desktop app but if you're like me, and have it running for the entire time your computer has been up for (mine is currently up 48 days, 12 mins) then it gets a little out of sync. You need to fully close Authy and re-open it after about a minute to get it back in sync again.

 

Else, my experience shows mobile is always accurate. But compare your code on Desktop vs Mobile. If they're different then restart the Desktop client.





Michael Murphy | https://murfy.nz | https://keybase.io/michaelmurfy - Referral Links: Sharesies | Electric Kiwi
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation.




Baboon

364 posts

Ultimate Geek


  #2270210 5-Jul-2019 00:39
Send private message

I no longer use the Authy Chrome app, but instead the standalone Windows app for Authy. I close it every time I finish copying a code, as I don't need to re-log into sites often enough at home, to make it worthwhile leaving it open.

Yet I still see about a 28 second differential between desktop Windows Authy and Android Authy on my Pixel 2, tested just now.

Anyway, surely it's not necessary to disallow codes that are less than a minute old? This is Geekzone, not the GCSB. My Geekzone needs are important, sure. I'd be the first to say so *grins* But it's not like we're discussing top secret intel, either :-)




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

  #2270222 5-Jul-2019 05:41
Send private message

Baboon: I no longer use the Authy Chrome app, but instead the standalone Windows app for Authy. I close it every time I finish copying a code, as I don't need to re-log into sites often enough at home, to make it worthwhile leaving it open.

Yet I still see about a 28 second differential between desktop Windows Authy and Android Authy on my Pixel 2, tested just now.

Anyway, surely it's not necessary to disallow codes that are less than a minute old? This is Geekzone, not the GCSB. My Geekzone needs are important, sure. I'd be the first to say so *grins* But it's not like we're discussing top secret intel, either :-)

 

ensure it actually closes, i wondered why my fan was ramped up on my laptop last night and checked task manager to find authy was still open and using 20% cpu.

 

what you suggest defeats the purpose of 2fa


Baboon

364 posts

Ultimate Geek


  #2270224 5-Jul-2019 06:37
Send private message

Authy Desktop is not still open according to task manager. I don't see how it could be after being closed. Perhaps you're using the Chrome App version?

And if a slightly longer time out for 2FA codes defeats 2FA, then I use 22 other services with 2FA authentication app generated codes that by your definition defeat the purpose of 2FA. As well as several others that deliver the codes other ways, and also don't time out in a crazy short time.

Seriously - if 60 seconds or even a couple of minutes is long enough for your 2FA code to be stolen, you're in an awful lot more trouble than any 2FA can ever save you from :-)




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

  #2270610 5-Jul-2019 16:53
Send private message

I just enabled 2fa on my account and im pretty sure the issue lies with the authy desktop app

 

i tried it with all my accounts the desktop app is about 2 seconds faster than the mobile one and will once the time runs out keep the same code for another 30 seconds, putting it about 28 seconds out so you then have a 2sec window to enter the new code as soon as it changes.

 

so if you check your phone time to your pc time i think you will find its different by a couple of seconds. manually go in and change the PC time to be that of the phone and then it should work fine.

 

time need to be in sync for it to work properly

 

ps i couldnt find an internet time server that would give the same time as what my phone was showing so it could actually be an issue with the mobile not having the correct time.




Baboon

364 posts

Ultimate Geek


  #2270621 5-Jul-2019 17:27
Send private message

Well, I just held my Android phone next to the clock in Windows. Both rolled over to the next minute at the same time.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

  #2270636 5-Jul-2019 18:05
Send private message

and when you compare the authy app onm the phone to the PC does it change that the same/almisty the same time or is it out by a couple of seconds? if it is then one of your times isnt the same on your devices

 

 

 

if it is the same then i have no ideas but it fixed it for me


Baboon

364 posts

Ultimate Geek


  #2270661 5-Jul-2019 18:58
Send private message

As I said earlier, there is a variance of nearly 30 seconds between Desktop and Mobile Authy apps in generating the next code.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

Dratsab
3803 posts

Uber Geek

Trusted
Lifetime subscriber

  #2270665 5-Jul-2019 19:06
Send private message

I find Authy to be out by about 15 seconds on my phone, so if I'm logging into Geekzone from work and the countdown appears to be this time or less I simply wait for a code refresh. 


  #2270666 5-Jul-2019 19:11
Send private message

Baboon: As I said earlier, there is a variance of nearly 30 seconds between Desktop and Mobile Authy apps in generating the next code.

 

 

 

close both, then open both and see how much differenc there is, then i imagine when one changes to the next code the other will reload the same code again. when you load it check how much the time differs

 

when you say nearly 30 seconds, can you be more precise? is it 30 or is it 28, 27 or similar


Baboon

364 posts

Ultimate Geek


  #2270688 5-Jul-2019 20:43
Send private message

Today the differential is 31 seconds, with both apps quit and relaunched.

But again, none of this could ever, nor IME has ever been an issue for me, given only Geekzone's 2FA server discards old codes after only 30 seconds. It's simply too short to be usable.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

freitasm
BDFL - Memuneh
73966 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2270738 5-Jul-2019 21:13
Send private message

Thanks for all the comments. As mentioned this is something that I have noticed myself. I did not write the 2FA component - we use a third party Windows COM Object Server that does all the encryption, calculations, and 2FA code calculations. The software automatically discard the code and use a new one. I've mentioned this difference between mobile and desktop codes to Authy support before and they couldn't give me a definitive answer besides "logout from desktop, uninstall the software and install again". 

 

For you folks, we keep the time updated on the server and check it every two hours. Currently using the new Cloudflare Time Services (which is also available to use on your PCs). The reason I decided to use this is because of the very low latency between our servers and the Cloudflare POP in Auckland. I also have the same NTP server configured on my desktop at home - and the Authy desktop app always calculates it wrong - 30 seconds behind, despite both my phone and desktop showing EXACTLY the same time, down to the second.

 

Interestingly, there are other online services I noticed this difference too, and I just end up using my mobile app.

 

Sorry, this is not the answer you wanted to hear.





Are you happy with Geekzone? Consider subscribing or making a donation.

 

 

 

freitasm on Keybase | My technology disclosure 

 

These links are referral codes: Sharesies | Mighty Ape | Norton 360 | Lenovo laptops | GoodsyncGeekzone Blockchain Project


  #2270740 5-Jul-2019 21:17
Send private message

30 seconds is fine for millions of people on hundreds of different services that use this type of authentication. keeping the code after 30 seconds defeats the purpose of having the 30 second time limit in the first place and is not how this is suppose to work

 

you seem to be the only one having issues here, it looked like i was having the same issues then i worked out it was a time error between devices, reset the time on the 2 PC's and it was gone.

 

your symptoms seem almost identical.

 

+ you havent answered some of the above questions, how much different is the time remaining for the code in the desktop app vs the phone app?

 

 


 1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

D-Link G415 4G Smart Router Review
Posted 27-Jun-2022 17:24


New Zealand Video Game Sales Reaches $540 Million
Posted 26-Jun-2022 14:49


Github Copilot Generally Available to All Developers
Posted 26-Jun-2022 14:37


Logitech G Introduces the New Astro A10 Headset
Posted 26-Jun-2022 14:20


Fitbit introduces Sleep Profiles
Posted 26-Jun-2022 14:11


Synology Introduces FlashStation FS3410
Posted 26-Jun-2022 14:04


Intel Arc A380 Graphics First Available in China
Posted 15-Jun-2022 17:08


JBL Introduces PartyBox Encore Essential Speaker
Posted 15-Jun-2022 17:05


New TVNZ+ streaming brand launches
Posted 13-Jun-2022 08:35


Chromecast With Google TV Review
Posted 10-Jun-2022 17:10


Xbox Gaming on Your Samsung Smart TV No Console Required
Posted 10-Jun-2022 00:01


Xbox Cloud Gaming Now Available in New Zealand
Posted 10-Jun-2022 00:01


HP Envy Inspire 7900e Review
Posted 9-Jun-2022 20:31


Philips Hue Starter Kit Review
Posted 4-Jun-2022 11:10


Sony Expands Its Wireless Speaker X-series Range
Posted 4-Jun-2022 10:25









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.