This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OTP Default token timestep

I've tested a couple of XG 18.04 and obtained the same results:

When the timestep in seconds is changed for example from 30 to 60 seconds, 2FA stops validating even though I rescan the QR to update the token info. Switching back to the default 30 seconds and rescanning brings the system back online.

The Message of the error in GUI is: OTP token synchronization failed: timeoffset could not be written

Is this a bug?

Timestep
Default token timestep in seconds:	Seconds(10 - 300)
Maximum passcode offset steps:	(0 - 10)
Maximum initial passcode offset steps:	(0 - 600)

This thread was automatically locked due to age.

0 emmosophos over 2 years ago

Hello there,

Thank you for contacting the Sophos Community.

I am running on 18.0 MR5 and I did the following and worked fine.

1.- Enabled OTP for all Users

2.- Left the default 30 seconds

3.- Access with the User to the User Portal and Scanned the QRcode

4.- Access the User Portal after entering password+OTP

5.- Changed the OTP timestamp to 60 seconds

6.- For the test user I clicked the OTP time-offset synchronization and entered the current OTP

7. Access the User Porta with Password+OTP

Are you following the same steps?

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 @wajdiaa over 2 years ago in reply to emmosophos

Hi, not really the same as above since I already had OTP activated for a selected number of users.

Users that were already using OTP faced the issue after changing to 60 seconds. When I do a Timeoffset sync, I get the error.
Cancel
Vote Up 0 Vote Down

Cancel
0 emmosophos over 2 years ago in reply to @wajdiaa

Hello there,

I access and authenticated first with the Test user, and then changed the Time-offset.

I would recommend you open a case to get this investigated or if you already have one, share it with me to see what has been done already.

Regards,

Emmanuel (EmmoSophos)

Technical Team Lead, Global Community Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel