aricwatson
commented
8 years ago Thank, we'll look into it!
Closed apaarbajpai closed 7 years ago
aricwatson
commented
8 years ago Thank, we'll look into it!
cdietzols
commented
8 years ago Are there any updates on this issue? We are experiencing a similar issue with Magento Enterprise 1.14.2.0.
Specifically, We had a user that needed to reset his admin panel password. He clicked the link to get the password email, and then clicked "Reset Password". After doing so, the two-factor authentication error pops up (see 2FA.png). I also tried this, and I got the same results. This is strange because 1) my IP address is whitelisted in the Sentry system/config, and 2) my account is listed in Duo which usually prompts me with the 2FA Duo box and not just an error message
Please let me know if you need any more information. Thanks!
cdietzols
commented
7 years ago Hi Aric, Miguel, Just following up again--will there be any updates soon? This is causing some overhead here as we always have to have someone else reset the password instead of the user being able to use the Forgot your password link. Thanks
miguelbalparda
commented
7 years ago @cdietzols @apaarbajpai can you try adding the correct action here and report back?
cdietzols
commented
7 years ago @miguelbalparda I added 2 more actions involved with resetting the password:
protected $_allowedActions = array('login', 'forgotpassword', 'resetpassword', 'resetpasswordpost');
Two of my colleagues and I tested this change, and now we're able to reset our passwords without the duo error message. Thanks!
miguelbalparda
commented
7 years ago Sweet @cdietzols do you mind doing a pull request with this?
miguelbalparda
commented
7 years ago 363eff2576676bf0c47c5bad063071c3e7e267bb
cdietzols
commented
7 years ago @miguelbalparda do you still need me to do the pull request, or is it taken care of with the commit you posted? Sorry if that's a silly question--I'm still learning about github pull requests.
miguelbalparda
commented
7 years ago I went ahead and did the PR. Thank you for the help!
In Magento Enterprise 1.14.2.4 when the user password expires and user tries to login magento admin , the redirection lands you in endless loop.
There is no way to reset the password as well as the reset password link takes the user back to to admin login screen with the message "Please enter security code".