Re: TOTP Verification Failed During MFA Enrollment

Fri, 01 Sep 2023 15:22:51 -0700 

In the screenshot you attached the local and UTC clocks are off from the
RTC by about 35 seconds. Since tokens are usually timed for 30 seconds, my
suspicion is that this is what is causing TOTP logins to fail consistently.
Forcing a sync of the time, and then making sure that it is configured to
keep synchronized may be a solution to your issue.

# timedatectl
      Local time: Fri 2023-09-01 18:21:53 EDT
  Universal time: Fri 2023-09-01 22:21:53 UTC
        RTC time: Fri 2023-09-01 22:21:53
       Time zone: America/New_York (EDT, -0400)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: no
      DST active: yes
 Last DST change: DST began at
                  Sun 2023-03-12 01:59:59 EST
                  Sun 2023-03-12 03:00:00 EDT
 Next DST change: DST ends (the clock jumps one hour backwards) at
                  Sun 2023-11-05 01:59:59 EDT
                  Sun 2023-11-05 01:00:00 EST

-Nick

On Fri, Sep 1, 2023 at 4:19 PM Delvain Mbina <[email protected]>
wrote:

> Hi Daniel,
>
> Attached are my current NTP and local time settings. Do you think I should
> change the NTP synchronized flag to "yes"?
>
> Best,
>
> Delvain Mbina
> Security Operations Engineer
>
> M: (209) 305-0215
>
>
> The Save Mart Companies
>
> 1600 Yosemite Blvd., Modesto, CA 95354
>
>
>
> -----Original Message-----
> From: Daniel Carroll <[email protected]>
> Sent: Wednesday, August 30, 2023 10:57 AM
> To: [email protected]
> Subject: Re: TOTP Verification Failed During MFA Enrollment
>
> Hi Delvain,
>
> Have you checked to confirm that your server and TOTP app times are within
> a second of each other (e.g. synced to NTP)?
> If they differ by by ~15 seconds, I would expect about half of the TOTP
> verifications to fail.
> Regards,
>
>         - Daniel
>
> -----Original Message-----
> From: Delvain Mbina <[email protected]>
> Sent: Wed Aug 30 2023 11:47:23 MDT
> Subject: Re: TOTP Verification Failed During MFA Enrollment
>
> Hi there,
>
> Does anyone have an idea of what causes this random and persistent
> "Verification Failed" issue?
>
> Best,
>
> Delvain Mbina
> Security Operations Engineer
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]

Reply via email to