alexandregz / twofactor_gauthenticator

This RoundCube plugin adds the 2-step verification (OTP) to the login process
MIT License

Google Authenticator always fail QrCode #135

Open mvldebian opened 3 years ago

mvldebian commented 3 years ago

Roundcube 1.4.9 with Elastic. Last version of plugin downloaded from git, config file OK.

Scan = Unrecognized key

Hydranet commented 3 years ago

I'm having the same issue here, using RC 1.4.11 with Elastic and PHP 7.3, getting the message "invalid url" when scanning the QrCode.

WanWizard commented 3 years ago

Same here, PHP 7.3 too. Worked fine before, so it could well be a PHP version issue...

Hydranet commented 2 years ago

Been playing around with this for a while, what finally worked for me was the following.

  1. Clear secret and recovery codes.
  2. Press save (It then generates a new secret and recovery codes).
  3. Open Google Authenticator or FreeOTP.
  4. Click on the plus sign and then on "Scan QR-code" (with FreeOTP you should click on the QR-code icon).
  5. Now the trick is to enclose the QR-code you are trying to scan as much as you can within the square your app indicates, and then it will scan it. If the scanning doesn't work, the other option is to manually copy the key into the app instead of scanning it.
  6. Go back to your roundcube 2FA settings to verify the code works.
  7. Enter the code from the app in the "Check Code" field and click on the button "Check code".
  8. You should get a "Code OK" response.
  9. Now 2FA should also work when you login with your user.

I think the issue is that the first codes (key and recovery codes) are generated with special symbols, so the app won't pick up the key as valid anymore. Also, the app's QR-code scanner seems to have gotten a lot more sensitive, because you have to fill up as much as you can of the QR-code in the square the app indicates. It wasn't this sensitive before. I'm no coder, but I think there may be two problems: 1. The first codes are generated with special symbols, which the app doesn't see as a valid key; when clearing those, it actually generates codes without special symbols, and that allows you to scan it because the app then sees it as a valid key. 2. The second issue is that the app has gotten more sensitive with scanning QR-codes, but I don't think that is an issue with the twofactor_gauthenticator plugin. Those are just my observations from doing some testing by trying different things until I got it to work.

This should also work for people that opened the other issues:

#132

#147

I got this working with roundcube 1.5.0 and php 7.3 so I would expect this to work with other php 7x versions as well.
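Added example, not part of the thread or the plugin's code: a Python check for the hypothesis above that a key containing special symbols is rejected by the authenticator app. It assumes the standard `otpauth://` Key URI layout with a Base32 secret (how the plugin itself builds its QR code is not shown on this page); the function names are hypothetical and the sample secret is the public RFC 6238 test key.

```python
import base64, hashlib, hmac, struct
from urllib.parse import quote

B32_ALPHABET = set("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567")

def check_secret(secret):
    """Return (normalized_secret, problems) for a TOTP shared secret."""
    normalized = secret.replace(" ", "").rstrip("=").upper()
    problems = []
    bad = sorted({c for c in normalized if c not in B32_ALPHABET})
    if not normalized:
        problems.append("empty secret")
    elif bad:
        problems.append("non-Base32 characters: " + "".join(bad))
    elif len(normalized) % 8 in (1, 3, 6):
        problems.append("length is not possible for unpadded Base32")
    return normalized, problems

def provisioning_uri(secret, account, issuer):
    """Build the URI a QR code should carry; refuse secrets an app would reject."""
    normalized, problems = check_secret(secret)
    if problems:
        raise ValueError("; ".join(problems))
    # Label and issuer are percent-encoded so spaces, '@' or '&' cannot break the URI.
    label = quote(issuer, safe="") + ":" + quote(account, safe="")
    return f"otpauth://totp/{label}?secret={normalized}&issuer={quote(issuer, safe='')}"

def totp(secret, at, digits=6, step=30):
    """RFC 6238 code (HMAC-SHA1) for Unix time `at`, to compare with the app."""
    normalized, problems = check_secret(secret)
    if problems:
        raise ValueError("; ".join(problems))
    key = base64.b32decode(normalized + "=" * (-len(normalized) % 8))
    digest = hmac.new(key, struct.pack(">Q", int(at) // step), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

if __name__ == "__main__":
    good = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # RFC 6238 test key, Base32-encoded
    print(provisioning_uri(good, "user@example.org", "Roundcube Webmail"))
    print(totp(good, 59))
    print(check_secret("ab+/c1=="))  # constructed secret with special symbols
```

If `check_secret` reports problems for the key shown in the 2FA settings, regenerating the secret (steps 1 and 2 above) is the fix rather than rescanning.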

umsmin commented 1 year ago

When I add the code manually it works, but my "OTP Auth" app on iOS 15.7.2 says the QR-Code is invalid every time I create a new code.