TariqHajeer
commented
1 year ago TOTP client and server time skew
TOTP (Time-based One-Time Password) authentication depends on both the server and authenticator device having an accurate time. Tokens only last for 30 seconds. If TOTP 2FA logins are failing, check that the server time is accurate, and preferably synchronized to an accurate NTP service.
use: sync with an internet time server: time.nist.gov dont use: time.windows.com
I've run the IdentityStandaloneMfa project and tried mfa with google and Microsoft authenticator, but this function VerifyTwoFactorTokenAsync always returns false also i tried to set EmailConfirmed to true and did not work