Generated 2FA code is invalid and different from google Authenicator app

speakeasyjs / speakeasy

**NOT MAINTAINED** Two-factor authentication for Node.js. One-time passcode generator (HOTP/TOTP) with support for Google Authenticator.

MIT License

2.7k stars 228 forks source link

Generated 2FA code is invalid and different from google Authenicator app #151

Open Mobeen-Ghaffar opened 9 months ago

Mobeen-Ghaffar commented 9 months ago

Here is my Code:


 var userToken = speakeasy.totp({
          secret: screte_code,
          digits: 6,
          encoding: 'base32',
          algorithm: 'sha1',
          // encoding: 'base32'
        });
        var verified = speakeasy.totp.verify(
          {
            secret: screte_code,
            encoding: 'base32',
            token: userToken,
          }
        );

Sometime it generate correct code and sometime incorrect. How can I fix this issue? What I am doing wrong ?

davidhorac3 commented 4 months ago

+1 I'm actually never getting the same code with GoogleAuth - this lib seems to be working fine, but it never generates matching code

EDIT: Ah now I see this is unmaintened... sorry.

rutvik-mpc commented 4 months ago

+1 I also facing the same issue , it is working 90% user but for 10% it is not working.

LeGeek01 commented 1 month ago

hey there, I also facing the same issue and found a solution! it looks like you need to use SHA256 algorithm in order to use a secret in google authenticator, and if you use the qr code you need to remove the "algo" setting in the url