Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




250 posts

Master Geek
+1 received by user: 6


# 251652 4-Jul-2019 23:12
One person supports this post
Send private message quote this post

But luckily for some reason, iOS Authy generates the same codes a wee bit faster than desktop Authy. Just, and I mean _just_ barely fast enough to not have already been discarded by the Geekzone login server.

I understand the need to discard old 2FA codes, but maybe you should wait for at least a full minute, yeah? :-) This is the very first time I've ever encountered a login server this ultra-zealous with 2FA code discarding. It's kind of funny, but was also really quite annoying till I figured out what the issue was.

Anyway: FYI to the site admins!




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
293 posts

Ultimate Geek
+1 received by user: 105


  # 2270199 4-Jul-2019 23:37
Send private message quote this post

Maybe your desktop time is not accurate, MFA (OTP) relies on client and server having their times (aprox) synced, that's why the tokens are valid for 30s.




250 posts

Master Geek
+1 received by user: 6


  # 2270204 4-Jul-2019 23:52
Send private message quote this post

All my devices (PC, iOS, Android mobiles) here flipped over to 11:52pm just now. If they're not in sync, it's only by a few seconds. And all set their time via various time servers.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

 
 
 
 


Mr Snotty
8721 posts

Uber Geek
+1 received by user: 4605

Moderator
Trusted
Lifetime subscriber

  # 2270207 5-Jul-2019 00:22
One person supports this post
Send private message quote this post

This is normal. Mauricio and I both experienced different codes on Desktop vs Mobile preventing a login to Geekzone. Appears the Desktop app is buggy.

 

I've found the Google Chrome extension to be a bit better than the full-fledged Desktop app but if you're like me, and have it running for the entire time your computer has been up for (mine is currently up 48 days, 12 mins) then it gets a little out of sync. You need to fully close Authy and re-open it after about a minute to get it back in sync again.

 

Else, my experience shows mobile is always accurate. But compare your code on Desktop vs Mobile. If they're different then restart the Desktop client.







250 posts

Master Geek
+1 received by user: 6


  # 2270210 5-Jul-2019 00:39
Send private message quote this post

I no longer use the Authy Chrome app, but instead the standalone Windows app for Authy. I close it every time I finish copying a code, as I don't need to re-log into sites often enough at home, to make it worthwhile leaving it open.

Yet I still see about a 28 second differential between desktop Windows Authy and Android Authy on my Pixel 2, tested just now.

Anyway, surely it's not necessary to disallow codes that are less than a minute old? This is Geekzone, not the GCSB. My Geekzone needs are important, sure. I'd be the first to say so *grins* But it's not like we're discussing top secret intel, either :-)




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

8650 posts

Uber Geek
+1 received by user: 2975

Lifetime subscriber

  # 2270222 5-Jul-2019 05:41
Send private message quote this post

Baboon: I no longer use the Authy Chrome app, but instead the standalone Windows app for Authy. I close it every time I finish copying a code, as I don't need to re-log into sites often enough at home, to make it worthwhile leaving it open.

Yet I still see about a 28 second differential between desktop Windows Authy and Android Authy on my Pixel 2, tested just now.

Anyway, surely it's not necessary to disallow codes that are less than a minute old? This is Geekzone, not the GCSB. My Geekzone needs are important, sure. I'd be the first to say so *grins* But it's not like we're discussing top secret intel, either :-)

 

ensure it actually closes, i wondered why my fan was ramped up on my laptop last night and checked task manager to find authy was still open and using 20% cpu.

 

what you suggest defeats the purpose of 2fa




250 posts

Master Geek
+1 received by user: 6


  # 2270224 5-Jul-2019 06:37
Send private message quote this post

Authy Desktop is not still open according to task manager. I don't see how it could be after being closed. Perhaps you're using the Chrome App version?

And if a slightly longer time out for 2FA codes defeats 2FA, then I use 22 other services with 2FA authentication app generated codes that by your definition defeat the purpose of 2FA. As well as several others that deliver the codes other ways, and also don't time out in a crazy short time.

Seriously - if 60 seconds or even a couple of minutes is long enough for your 2FA code to be stolen, you're in an awful lot more trouble than any 2FA can ever save you from :-)




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

8650 posts

Uber Geek
+1 received by user: 2975

Lifetime subscriber

  # 2270610 5-Jul-2019 16:53
Send private message quote this post

I just enabled 2fa on my account and im pretty sure the issue lies with the authy desktop app

 

i tried it with all my accounts the desktop app is about 2 seconds faster than the mobile one and will once the time runs out keep the same code for another 30 seconds, putting it about 28 seconds out so you then have a 2sec window to enter the new code as soon as it changes.

 

so if you check your phone time to your pc time i think you will find its different by a couple of seconds. manually go in and change the PC time to be that of the phone and then it should work fine.

 

time need to be in sync for it to work properly

 

ps i couldnt find an internet time server that would give the same time as what my phone was showing so it could actually be an issue with the mobile not having the correct time.


 
 
 
 




250 posts

Master Geek
+1 received by user: 6


  # 2270621 5-Jul-2019 17:27
Send private message quote this post

Well, I just held my Android phone next to the clock in Windows. Both rolled over to the next minute at the same time.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

8650 posts

Uber Geek
+1 received by user: 2975

Lifetime subscriber

  # 2270636 5-Jul-2019 18:05
Send private message quote this post

and when you compare the authy app onm the phone to the PC does it change that the same/almisty the same time or is it out by a couple of seconds? if it is then one of your times isnt the same on your devices

 

 

 

if it is the same then i have no ideas but it fixed it for me




250 posts

Master Geek
+1 received by user: 6


  # 2270661 5-Jul-2019 18:58
Send private message quote this post

As I said earlier, there is a variance of nearly 30 seconds between Desktop and Mobile Authy apps in generating the next code.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

3353 posts

Uber Geek
+1 received by user: 1113

Trusted
Lifetime subscriber

  # 2270665 5-Jul-2019 19:06
Send private message quote this post

I find Authy to be out by about 15 seconds on my phone, so if I'm logging into Geekzone from work and the countdown appears to be this time or less I simply wait for a code refresh. 


8650 posts

Uber Geek
+1 received by user: 2975

Lifetime subscriber

  # 2270666 5-Jul-2019 19:11
Send private message quote this post

Baboon: As I said earlier, there is a variance of nearly 30 seconds between Desktop and Mobile Authy apps in generating the next code.

 

 

 

close both, then open both and see how much differenc there is, then i imagine when one changes to the next code the other will reload the same code again. when you load it check how much the time differs

 

when you say nearly 30 seconds, can you be more precise? is it 30 or is it 28, 27 or similar




250 posts

Master Geek
+1 received by user: 6


  # 2270688 5-Jul-2019 20:43
Send private message quote this post

Today the differential is 31 seconds, with both apps quit and relaunched.

But again, none of this could ever, nor IME has ever been an issue for me, given only Geekzone's 2FA server discards old codes after only 30 seconds. It's simply too short to be usable.




"The surest sign that intelligent life exists elsewhere in the universe is that it has never tried to contact us."

 

- Calvin and Hobbes (Bill Watterson)

BDFL - Memuneh
63814 posts

Uber Geek
+1 received by user: 14271

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 2270738 5-Jul-2019 21:13
Send private message quote this post

Thanks for all the comments. As mentioned this is something that I have noticed myself. I did not write the 2FA component - we use a third party Windows COM Object Server that does all the encryption, calculations, and 2FA code calculations. The software automatically discard the code and use a new one. I've mentioned this difference between mobile and desktop codes to Authy support before and they couldn't give me a definitive answer besides "logout from desktop, uninstall the software and install again". 

 

For you folks, we keep the time updated on the server and check it every two hours. Currently using the new Cloudflare Time Services (which is also available to use on your PCs). The reason I decided to use this is because of the very low latency between our servers and the Cloudflare POP in Auckland. I also have the same NTP server configured on my desktop at home - and the Authy desktop app always calculates it wrong - 30 seconds behind, despite both my phone and desktop showing EXACTLY the same time, down to the second.

 

Interestingly, there are other online services I noticed this difference too, and I just end up using my mobile app.

 

Sorry, this is not the answer you wanted to hear.





8650 posts

Uber Geek
+1 received by user: 2975

Lifetime subscriber

  # 2270740 5-Jul-2019 21:17
Send private message quote this post

30 seconds is fine for millions of people on hundreds of different services that use this type of authentication. keeping the code after 30 seconds defeats the purpose of having the 30 second time limit in the first place and is not how this is suppose to work

 

you seem to be the only one having issues here, it looked like i was having the same issues then i worked out it was a time error between devices, reset the time on the 2 PC's and it was gone.

 

your symptoms seem almost identical.

 

+ you havent answered some of the above questions, how much different is the time remaining for the code in the desktop app vs the phone app?

 

 


 1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Scientists unveil image of quantum entanglement
Posted 13-Jul-2019 06:00


Hackers to be challenged at University of Waikato
Posted 12-Jul-2019 21:34


OPPO Reno Z now available in New Zealand
Posted 12-Jul-2019 21:28


Sony introduces WF-1000XM3 wireless headphones with noise cancellation
Posted 8-Jul-2019 16:56


Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20


New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09


ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05


New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35


Air New Zealand uses drones to inspect aircraft
Posted 17-Jun-2019 15:39


TCL Electronics launches its first-ever 8K TV
Posted 17-Jun-2019 15:18


E-scooter share scheme launches in Wellington
Posted 17-Jun-2019 12:34


Anyone can broadcast with Kordia Pop Up TV
Posted 13-Jun-2019 10:51


Volvo and Uber present production vehicle ready for self-driving
Posted 13-Jun-2019 10:47


100,000 customers connected to fibre broadband network through Enable
Posted 13-Jun-2019 10:35


5G uptake even faster than expected
Posted 12-Jun-2019 10:01



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.