mrjackyliang / homebridge-adt-pulse

Homebridge security system platform for ADT Pulse
MIT License
36 stars 7 forks

Cannot Login to ADT Pulse with Multi-Factor Authentication Enabled #51

Closed kmnedd closed 2 years ago

kmnedd commented 3 years ago

Hi Jacky,

ADT is in the process of requiring Multi-factor Authentication to log into the portal. My account was converted. My plugin no longer can access my account with just my login credentials. Is there a way to address this within the plugin?

The MFA process sends a code (email or sms) at the first log-in attempt once it has been enabled. You have to enter the code along with a preference for always allowing the device to be recognized. I did this via the browser on the device. No luck in helping the plugin connect.

Thanks, Kevin

jim-at-miramontes commented 2 years ago

Has anyone had issues with their IP being blacklisted after multiple logins with the non 2FA account?

Yes -- I'm getting back a 429 Too Many Requests error from the backend. If I change my IP address with a VPN, I can get through. ADT tech support is extremely clueless about this, but I have a phone call scheduled on Nov 10 with a higher-level tech. I'll report back if/when I learn anything.

Update the plugin; it should address this. FWIW, I'm running 2.1.1. This smells like a backend issue (ADT clumsily looking for and blocking hacking attempts), but I could easily be wrong.

I talked to ADT second-level support this morning, and got the expected cluelessness about the 429 issue -- something about "sometimes I have problems, but when I google the login link I can get in" -- ???

Anyway, the good news is that (of course) my 429 problem went away, and I was able to log in to the portal with my usual IP address. So I'm guessing that either there is a black list that gets cleared every N days, or there was some other issue that got cleared by some sort of ADT maintenance. Who knows...

Beyond that, the REALLY good news is that the fingerprint-based plugin method is now working for me, and my Pulse system is fully connected into homebridge. Yay / thanks, Jacky!

mrjackyliang commented 2 years ago

Has anyone had issues with their IP being blacklisted after multiple logins with the non 2FA account?

Yes -- I'm getting back a 429 Too Many Requests error from the backend. If I change my IP address with a VPN, I can get through. ADT tech support is extremely clueless about this, but I have a phone call scheduled on Nov 10 with a higher-level tech. I'll report back if/when I learn anything.

Calling ADT won't help since the platform is controlled by Alarm.com

mrjackyliang commented 2 years ago

Has anyone had issues with their IP being blacklisted after multiple logins with the non 2FA account?

Yes -- I'm getting back a 429 Too Many Requests error from the backend. If I change my IP address with a VPN, I can get through. ADT tech support is extremely clueless about this, but I have a phone call scheduled on Nov 10 with a higher-level tech. I'll report back if/when I learn anything.

Update the plugin; it should address this.

You'd probably be better off figuring out how to lease a new IP from your internet provider than dealing with ADT tech support, however. Sometimes unplugging your modem for a night or a day will do it, or else, downlink it to a different machine and reboot both.

ADT has patched up the holes making non 2FA accounts a non starter. You are better off using a 2FA account with the new release that allows you to input a fingerprint.

Right, but, users might still want to login to the Portal normally to manage it, without a VPN. It's possible ADT will lift its blocks after a period of time, but I'm not sure.

You can easily just call your internet service provider and have them do a release/renew of your DHCP address. It's usually what they call it when you want to change your IP address.

Normally the block will last about 30 mins or so.

burtherman commented 2 years ago

When I try to go to the portal signin page with developer tools open, I now just get "blocked" in the browser -- tried with both Chrome and Safari

mreassassin commented 2 years ago

I have the fingerprint. How do you obtain a version of the app that will allow you to use it in the configuration? Kevin Sent via iPhone

Can you help me find the fingerprint? I followed the readme but still not showing any fingerprint in dev tools.

jastorino82 commented 2 years ago

Thanks for the great work on this! I just got my system up and running tonight. I’m worried about how long the browser scraped fingerprint is going to last. In my case, the pulse portal behavior for MFA is quite flaky. Sometimes if you login, go through MFA, then tell it to remember your device, logout, then login, it in fact doesn’t remember the device, and you have to get another code, and try to get it to remember the device again.

Anybody know how long the fingerprint lasts? Shame we can’t disable MFA or request ADT disable it

kmnedd commented 2 years ago

My initial fingerprint has lasted since the plug-in was modified to accept it.

Kevin

abolians commented 2 years ago

Same here. Haven’t had to muck with it since then

--Sarmen

mrjackyliang commented 2 years ago

When I try to go to the portal signin page with developer tools open, I now just get "blocked" in the browser -- tried with both Chrome and Safari

Please first disable the plugin, wait 30 minutes, and then try getting the fingerprint again. You are being blocked by ADT due to many failed logins.
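
The cool-down described in the comment above (stop the plugin, wait 30 minutes) can be enforced by an unattended client so that it stops sending logins once the backend starts rejecting them. This is an added example, not code from the plugin or from anyone in this thread; `createLoginGate`, `guardedLogin`, the three-failure threshold and the `Retry-After` handling are assumptions for illustration.

```javascript
// Lockout-aware gate for an unattended login loop (added example).
// Assumptions: the 30-minute cool-down mirrors the block duration reported
// in this thread; Retry-After is the standard HTTP header and is honoured
// only if the server happens to send it.
const COOLDOWN_MS = 30 * 60 * 1000;

function createLoginGate({ now = Date.now, cooldownMs = COOLDOWN_MS, maxFailures = 3 } = {}) {
  let failures = 0;
  let blockedUntil = 0;

  // Retry-After may be delta-seconds or an HTTP date; return ms to wait.
  function retryAfterMs(value) {
    if (value === undefined || value === null) return 0;
    const secs = Number(value);
    if (Number.isFinite(secs)) return Math.max(0, secs * 1000);
    const date = Date.parse(value);
    return Number.isNaN(date) ? 0 : Math.max(0, date - now());
  }

  return {
    // True when a login may be sent; false while cooling down.
    canAttempt() { return now() >= blockedUntil; },
    retryAt() { return blockedUntil; },
    // Feed back the outcome of each login request.
    record({ status, ok, retryAfter }) {
      if (ok) { failures = 0; return 'ok'; }
      if (status === 429) {
        // Already blocked: never wait less than the cool-down.
        blockedUntil = now() + Math.max(cooldownMs, retryAfterMs(retryAfter));
        failures = 0;
        return 'blocked';
      }
      failures += 1;
      if (failures >= maxFailures) {
        // Pause after repeated rejections, before the backend blocks the IP.
        blockedUntil = now() + cooldownMs;
        failures = 0;
        return 'paused';
      }
      return 'failed';
    },
  };
}

// Wrap any async login function (hypothetical signature) with the gate.
async function guardedLogin(gate, login) {
  if (!gate.canAttempt()) return { skipped: true, retryAt: gate.retryAt() };
  const res = await login();
  return { skipped: false, outcome: gate.record(res) };
}
```
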

mrjackyliang commented 2 years ago

I have the fingerprint. How do you obtain a version of the app that will allow you to use it in the configuration? Kevin Sent via iPhone

Can you help me find the fingerprint? I followed the readme but still not showing any fingerprint in dev tools.

I fixed it already. Please check the updated docs.

mrjackyliang commented 2 years ago

Thanks for the great work on this! I just got my system up and running tonight. I’m worried about how long the browser scraped fingerprint is going to last. In my case, the pulse portal behavior for MFA is quite flaky. Sometimes if you login, go through MFA, then tell it to remember your device, logout, then login, it in fact doesn’t remember the device, and you have to get another code, and try to get it to remember the device again.

Anybody know how long the fingerprint lasts? Shame we can’t disable MFA or request ADT disable it

Been using the same fingerprint since I created it! Seems alright! Just make sure to not remove the Homebridge device off of the trusted devices in the ADT account.

oneill2142 commented 2 years ago

Good Morning,

New homeowner and ADT installed coming into the house. Just getting up and running with Homekit and trying to get my ADT to connect to it. I have purchased the HOOBs and have several devices going through it, though I cannot seem to connect my ADT Pulse.

I have taken it as far as opening Dev Tools, Ensuring "Preserve Log" is on, entering "signin.jsp" in the box, logging in (which is a challenge as it randomly blocks this site and then you are out for 2 days), and then I click on the "signin.jsp" in the dev tools window that appears valid .... I then go to Headers and there is No FORM DATA option, nor can I find any reference to a fingerprint. What am I missing?

Thanks oneill2142

mrjackyliang commented 2 years ago

Good Morning,

New homeowner and ADT installed coming into the house. Just getting up and running with Homekit and trying to get my ADT to connect to it. I have purchased the HOOBs and have several devices going through it, though I cannot seem to connect my ADT Pulse.

I have taken it as far as opening Dev Tools, Ensuring "Preserve Log" is on, entering "signin.jsp" in the box, logging in (which is a challenge as it randomly blocks this site and then you are out for 2 days), and then I click on the "signin.jsp" in the dev tools window that appears valid .... I then go to Headers and there is No FORM DATA option, nor can I find any reference to a fingerprint. What am I missing?

Thanks oneill2142

Did you just install ADT Pulse? Or did you install ADT Control?

oneill2142 commented 2 years ago

Thank you. I have ADT Pulse installed

mrjackyliang commented 2 years ago

Thank you. I have ADT Pulse installed

Make sure you stop the plugin first, give it about 30 mins. Try retrieving the fingerprint, setting the configuration, and then restarting the plugin.

oneill2142 commented 2 years ago

Thank you I will. I have stopped the plug in and will wait. Wondering however how that will impact what I see for "fingerprint" when I am in dev tools. That is my biggest issue. I cannot find the fingerprint. If you have any advice it is appreciated.

oneill2142 commented 2 years ago

Thank you again, I have stopped the plug in, waited 35 minutes, and have gone to Dev Tools to try and locate a fingerprint. I cannot seem to find the fingerprint in the Dev Tools after having been logged out of bridge in Hoobs. No FORM DATA exists and the word Fingerprint does not exist in the headers sections under the signin.jsp that I am able to locate. Thanks again!

mrjackyliang commented 2 years ago

@oneill2142 Please start a new issue and tell me step by step what you did. Thanks!

github-actions[bot] commented 7 months ago

This issue is now locked and considered resolved due to inactivity.