Closed pitsi closed 4 months ago
Just an hour ago I enabled Yahoo 2FA with Aegis Authenticator and it worked absolutely fine for me. I did not face any problem.
I believe you. But it does not work for me and I do not know what to blame.
The first time I tried it was when I entered the other 5 sites, and I tried it with a few generated numbers (it generates 1 every 30 seconds). Then I got upset and started the whole process over, but it had the same results, so I gave up. Then I tried the next day, which is when I took the screenshots above and filed the issue here, doing the same procedure, but faced the same error and I gave up again.
So, what else shall I check?
I believe you. But it does not work for me and I do not know what to blame.
The first time I tried it was when I entered the other 5 sites, and I tried it with a few generated numbers (it generates 1 every 30 seconds). Then I got upset and started the whole process over, but it had the same results, so I gave up. Then I tried the next day, which is when I took the screenshots above and filed the issue here, doing the same procedure, but faced the same error and I gave up again.
So, what else shall I check?
I think next you can try by adding the Secret Key manually to the Aegis Authenticator instead of scanning the QR code.
I just tried adding the secret key manually. Still nothing, I get the same error message :(
Let me add some more info about my enviroment in case it helps.
I am using debian testing/unstable x64, brave (my main browser) with most security options enabled, and ubo (and a couple of other irrelevant addons). The system's locale is en_us, but almost all sites (yahoo included) select their language from my ip, which is obviously greek.
---edit I just tried chromium and firefox... and got the same error.
Interesting, are you sure the time on your device is in sync? (you can use https://time.is/ to check this)
My system's time is in absolute sync with time.is, but my phone's time is ~1 second behind it. The delay you see below is because I stopped for a sec to think of the right command.
$ adb devices
List of devices attached
(removed) device
$ date
Fri May 10 11:07:59 AM EEST 2024
$ adb shell date
Fri May 10 11:08:01 EEST 2024
---edit The system's clock is set to treat the bios time as local instead of utc, because I dual boot with windows and windows likes the bios clock to be on local.
$ sudo timedatectl
Local time: Fri 2024-05-10 11:11:01 EEST
Universal time: Fri 2024-05-10 08:11:01 UTC
RTC time: Fri 2024-05-10 11:10:31
Time zone: Europe/Athens (EEST, +0300)
System clock synchronized: yes
NTP service: active
RTC in local TZ: yes
Warning: The system is configured to read the RTC time in the local time zone.
I just wasted a bunch of time trying to figure out why I also wasn't able to enable 2FA on a throwaway Yahoo account. It's not related to time. It's related to Yahoo having a crappy website.
The first time you enter the OTP to complete the setup you'll see a quick flash of "Something went wrong" and attempts after that will result in a complaint about the code being wrong. One entry in the network log of the developer console stands out:
{
"error": {
"localizedMessage": "Something went wrong",
"errorId": "UNVERIFIED_CONTACT",
"message": "Contact is unverified"
}
}
Turns out you have to add a recovery email address first. After that, enabling 2FA should succeed.
Do you mean this? Because as you can see below, not only I have added it a looong time ago, but I have also verified it (the word in green letters)! Both emails are like 20 or so years old. Moreover, since opening the issue, I have tried adding yahoo's 2fa for almost 10 times and it still fails on the same step.
Might be a different issue then. You could take a look at the network log in the developer console to check whether you see an error similar to the one I had. Either way, there does not appear to be anything to fix on Aegis' side here.
Can you please show me how to reach the network log and what to look for in there? I do know how to press f12 to open the developer tools and then select network or console from there.
Honest question for those that got yahoo's 2fa to work. Is your email at yahoo.com or at a different "region", like mine is in .gr? I had the idea of logging in the english "version" of it, but it stopped me from logging in with this garbage. After the mandatory swearing, I started over but from the greek "version" this time and it logged me in with no issues.
Obviously, I won't wait for an hour and then retry, I have more important things to do.
I tried setting up yahoo's 2fa again today and this time it kinda worked. At first, the image with the qrcode is too small for the camera to clearly grab it, so I had to open it on a new tab and zoom a few times. And it worked first try! But after that, the page prompts for adding ANOTHER way of verification. Other than 2fa and the recovery email I already have, it needs a new mail or a phone number to proceed with adding 2fa as an option! Wtf yahoo?!?!
The same happens when manually adding the secret code.
Version
3.0.1
Source
Google Play
Vault encryption
No
Device
Nokia 5
Android version
Android 9
ROM
No response
Steps to reproduce
I want to enable yahoo's 2fa and it fails on the very last step. I select the third option here, which says "use authenticator app" in greek.
The page proceeds showing me the qr code (mosaic filter applied just for the screenshot), which I scan with aegis.
Aegis shows me the 6 digit number to enter here.
And I enter it, but yahoo says it is wrong (the text in the gradient orange box says "your code seems to be wrong").
I am new to aegis and to 2fa with an authenticator app, but I have already added 5 more services to it with complete success.
What do you expect to happen?
Yahoo is expected to pass the verification process at the end.
What happens instead?
Yahoo fails to pass the verification process because, as I mention above, it says that the code is wrong and starts over.
Log
No response