Comment on 2FA Should Be Disabled As It Doesn't Work
packetloss@lemmy.world 1 year agoI tried Google Authenticator, Bitwarden, Duo Authenticator, and Microsoft Authenticator. I also tried on mobile (Android) and on desktop.
In all cases the authenticator was giving me a 6 digit code, but the code was not valid. If I used the same secret on multiple authenticators they all gave me the same TOTP codes, which is expected, but the codes wouldn’t work. So even though multiple authenticators are displaying the same TOTP code, the code the site is expecting doesn’t match. Meaning the site is not using the secret it generated properly.
Sami@lemmy.zip 1 year ago
Yeah I know it sucks. I tried some of those too but only KeePassXC worked for me.