2-step code was rejected

[MoodyBlues]

Hey there! I was prompted for 2-step verification today, received a code, copied and pasted it, and it wasn't accepted. It said try again, so I did...same result. I also tried typing it manually. Same result.

I ended up using one of my backup codes and got in.

Just FYI.

 

[Unforgiven]

I've had issues copy and pasting codes where it grabs a space before or after the actual code when copying. Perhaps you've had the same issue.

 

[olbriar]

Likewise, I've had the same issue with copy/paste. My code is generated with two three digit strings with a space between. AF will not accept the space... just the six digits. Freaked me out at first. Now I simply type in the code.

 

[Brian706]

What app are you using for the codes? I use Google authenticator and copy/paste every time and haven't had an issue with it once.

 

[Unforgiven]

What app are you using for the codes? I use Google authenticator and copy/paste every time and haven't had an issue with it once.

I use Thenticate, and it has a built in "Copy to clipboard" function. Where I have problems is when I'm forced to use SMS or Email.

 

[MoodyBlues]

But note that I said "I also tried typing it manually."

I always check for leading spaces anyway, so that wouldn't have been it--in my case.

 

[olbriar]

But note that I said "I also tried typing it manually."

I always check for leading spaces anyway, so that wouldn't have been it--in my case.

We are glad that you got in and sorry that it was a hassle. No clue what was going on. We'll keep an eye on it, It always gives one a bad feeling when the 2 step becomes a twist.

 

[MoodyBlues]

We are glad that you got in and sorry that it was a hassle. No clue what was going on. We'll keep an eye on it, It always gives one a bad feeling when the 2 step becomes a twist.

Thanks, buddy. That was the first time I've ever had any sort of issue using 2-step here, so it was unexpected!

 

[mikedt]

Check the time and date are accurate on your device, because the 2-factor numbers are time critical. I use Google Authenticator for AF, and always just type the numbers.

 

[MoodyBlues]

...and it just happened again.

I came to the site, immediately got the 2-step notice saying an e-mail has just been sent to me; I received the e-mail and copied its code:

Came back here and pasted it in; got an error message, so tried again by manually typing it in; same result:

As you can see, the code is correct; no, there are no spaces or any other non-printable characters in it.

After the second failure, another code was automatically sent to me this time; I tried it, and here I am!

 

[olbriar]

Gremlins!

 

[MoodyBlues]

Gremlins, indeed!

You know, those nasty little things have followed me around for decades! I remember way back when, something weird would happen, something unexplained (to my then-novice-UNIX-brain), and I'd chalk it up to gremlins. And now they're here!

 

[olbriar]

No idea what really went South. I have my 2 step auth generated by google. So far no snags.

 

[MoodyBlues]

No idea what really went South. I have my 2 step auth generated by google. So far no snags.

It's not a big deal, but I did want to post the time, the code, the error message, etc., so if any back-end checking was to be done, it would narrow down the event to the one I'm talking about.

I'm thinking about going back to regular, not 2-step, verification. I started using 2-step after AF let me know that some joker had used my account to post some kind of bullshit. But that was a year ago (I think) and I'm ready to try again.

 

[olbriar]

It's not a big deal, but I did want to post the time, the code, the error message, etc., so if any back-end checking was to be done, it would narrow down the event to the one I'm talking about.

I'm thinking about going back to regular, not 2-step, verification. I started using 2-step after AF let me know that some joker had used my account to post some kind of bullshit. But that was a year ago (I think) and I'm ready to try again.

It is an added level of security that I enjoy. I implement it when offered. It is a pain to use and I wish we lived in a world where it wasn't even a consideration.

 

[Unforgiven]

If you don't want the hassle of sms/emailing codes, you can use an authenticator app. You set it up when you set up two-step here or on other sites (I use one here, Amazon, my work's HR/payroll system, and a few others) by scanning a qr code with your phone. Then you open the app and it generates a new code every 60 seconds. Just enter that in the site requesting it when you need it.

 

[olbriar]

I have my codes generated by google authenticator. I've yet to have a problem anywhere.

 

[MoodyBlues]

If you don't want the hassle of sms/emailing codes, you can use an authenticator app. You set it up when you set up two-step here or on other sites (I use one here, Amazon, my work's HR/payroll system, and a few others) by scanning a qr code with your phone. Then you open the app and it generates a new code every 60 seconds. Just enter that in the site requesting it when you need it.

You know what category that falls under (for me)? WAY TOO MUCH WORK!! I'm using a laptop 99% of the time now, and don't want to bother bringing my phone into the equation. But it does sound useful.

This is the only site I'm using 2-step on, and really I'd just like to be done with it. I think I'll go ahead and disable it and then if some new joker comes along and does something naughty, change it back.

 

[olbriar]

Personal choice... I don't think AF is quite the target it once was.

 

[MoodyBlues]

Personal choice... I don't think AF is quite the target it once was.

Sadly...no.