POV-Ray : Newsgroups : povray.off-topic : I cannot set up Github 2FA! Server Time
14 Jul 2024 00:54:30 EDT (-0400)
  I cannot set up Github 2FA! (Message 1 to 10 of 10)  
From: Cousin Ricky
Subject: I cannot set up Github 2FA!
Date: 7 Oct 2023 21:29:58
Message: <65220616$1@news.povray.org>
GitHub is requiring me to set up 2-factor authorization by October 11,
or they will lock me out of my account.  I've followed their setup
instructions using Aegis for Android, but I always get the message,
"Two-factor code verification failed.  Please try again."  I cannot
complete the setup.

There doesn't seem to be a help link anywhere, and this problem doesn't
show up in any FAQ, so I tried Googling, Binging, and DuckDuckGoing the
problem.  The only suggestion I've seen is that the clocks of the phone
and computer are out of sync.  It turned out mine were off by 2 seconds,
but re-synchronizing them did not help.  I've rebooted both the phone
and the computer.  No luck.

The deadline is approaching, and I'm faced with a problem that is not
acknowledged to exist by either GitHub or the authenticator.  Have any
GitHub users here set up 2FA successfully?  Did you have this problem?

My OS is openSUSE Leap 15.3.


Post a reply to this message

From: Chris Cason
Subject: Re: I cannot set up Github 2FA!
Date: 8 Oct 2023 07:14:08
Message: <65228f00@news.povray.org>
On 8/10/2023 12:29, Cousin Ricky wrote:
> There doesn't seem to be a help link anywhere, and this problem doesn't
> show up in any FAQ, so I tried Googling, Binging, and DuckDuckGoing the
> problem.  The only suggestion I've seen is that the clocks of the phone
> and computer are out of sync.  It turned out mine were off by 2 seconds,
> but re-synchronizing them did not help.

I'm pretty familiar with TOTP (which is what you're using), having implemented it in
code for my day job. Generally speaking the codes are valid in 30 or 60-second blocks,
and implementers are encouraged to allow codes for the previous block as well as the
current to be valid to avoid cases where someone gets a totally valid code and types
it in then submits it, but in the interim the issuer changes to a new block. That's a
bad user experience so most sites don't do that.

So basically a difference of two seconds is totally unimportant and not the cause of
your problem.

> acknowledged to exist by either GitHub or the authenticator.  Have any
> GitHub users here set up 2FA successfully?  Did you have this problem?

Yes, I have and no I didn't.

How are you importing the master code? Via QR + camera or are you using the
manually-entered key? If only one, have you tried the other? Have you tried a
different authenticator program?

If you think the issue is with Github, try using one of the sites that allows you to
test TOTP, such as https://www.verifyr.com/en/otp/check (just enter junk in the label
and issuer fields). Import the generated key then test it using the same page. It
should work. If it does and you still can't get Github to work then that would be
puzzling.

-- Chris


Post a reply to this message

From: Le Forgeron
Subject: Re: I cannot set up Github 2FA!
Date: 8 Oct 2023 10:31:02
Message: <6522bd26$1@news.povray.org>
Le 08/10/2023 à 03:29, Cousin Ricky a écrit :
> GitHub is requiring me to set up 2-factor authorization by October 11,
> or they will lock me out of my account.  I've followed their setup
> instructions using Aegis for Android, but I always get the message,
> "Two-factor code verification failed.  Please try again."  I cannot
> complete the setup.
> 
> There doesn't seem to be a help link anywhere, and this problem doesn't
> show up in any FAQ, so I tried Googling, Binging, and DuckDuckGoing the
> problem.  The only suggestion I've seen is that the clocks of the phone
> and computer are out of sync.  It turned out mine were off by 2 seconds,
> but re-synchronizing them did not help.  I've rebooted both the phone
> and the computer.  No luck.
> 
> The deadline is approaching, and I'm faced with a problem that is not
> acknowledged to exist by either GitHub or the authenticator.  Have any
> GitHub users here set up 2FA successfully?  Did you have this problem?
> 
> My OS is openSUSE Leap 15.3.

I went with the SMS verification code.
(I do not trust applications)

It went fine (and once setup, they give you recovery data to download in 
case the phone number get trashed)


Post a reply to this message

From: Thorsten
Subject: Re: I cannot set up Github 2FA!
Date: 8 Oct 2023 12:27:02
Message: <6522d856$1@news.povray.org>
On 08.10.2023 16:31, Le_Forgeron wrote:
> I went with the SMS verification code.
> (I do not trust applications)

You might want to check out how TOTP works. It is almost trivial (and 
yet so effective) and can actually run almost anywhere, so you don't 
have to depend on those "funny" applications available on phones if you 
don't want to. There are several free libraries handling it to compile 
even on your desktop.

Oh, and at least on an iPhone, you can actually use the native password 
manager to generate the codes, too, however, you always have to go to 
the password for the site to get the code displayed, so it isn't the 
most convenient. Still. I would be surprised if this wasn't possible on 
Android phone with Google native applications as well.

Thorsten


Post a reply to this message

From: Cousin Ricky
Subject: Re: I cannot set up Github 2FA!
Date: 8 Oct 2023 12:44:31
Message: <6522dc6f$1@news.povray.org>
On 2023-10-08 07:12 (-4), Chris Cason wrote:
> 
> How are you importing the master code? Via QR + camera or are you using
> the manually-entered key? If only one, have you tried the other? Have
> you tried a different authenticator program?

I used QR + camera.  Aegis appeared to load GitHub's info correctly.  I
have not tried a different authenticator program.


Post a reply to this message

From: Jim Henderson
Subject: Re: I cannot set up Github 2FA!
Date: 9 Oct 2023 17:13:10
Message: <pan$eb77f$3ab7e849$d2a2c206$e7043794@nospam.com>
On Sun, 8 Oct 2023 16:31:02 +0200, Le_Forgeron wrote:

> I went with the SMS verification code.
> (I do not trust applications)

FWIW, SMS is far less secure than an app.  IMEI cloning renders SMS 
verification one of the least secure options out there.

TOTP application codes are among the most secure, because the algorithms 
used are open.  You can use something like FreeOTP if you want something 
that you can audit the code for.
-- 
"I learned long ago, never to wrestle with a pig. You get dirty, and 
besides, the pig likes it." - George Bernard Shaw


Post a reply to this message

From: Jim Henderson
Subject: Re: I cannot set up Github 2FA!
Date: 9 Oct 2023 17:13:42
Message: <pan$7d3da$1dfec87$8aa90c63$9c84d5b4@nospam.com>
On Sun, 8 Oct 2023 18:27:01 +0200, Thorsten wrote:

>  I would be surprised if this wasn't possible on Android
> phone with Google native applications as well.

Google Authenticator is the tool I use.



-- 
"I learned long ago, never to wrestle with a pig. You get dirty, and 
besides, the pig likes it." - George Bernard Shaw


Post a reply to this message

From: Jim Henderson
Subject: Re: I cannot set up Github 2FA!
Date: 9 Oct 2023 17:22:28
Message: <pan$7af3$4fb38f39$f3a33cb9$608ba29a@nospam.com>
On 9 Oct 2023 17:13:10 -0400, Jim Henderson wrote:

> FWIW, SMS is far less secure than an app.  IMEI cloning renders SMS
> verification one of the least secure options out there.

Actually, this isn't the correct reason, but it still is pretty insecure.

https://www.okta.com/blog/2020/10/sms-authentication/ (I worked for an 
Okta competitor, but this article spells it out pretty well.)

It's better than nothing, but not better than TOTP.



-- 
"I learned long ago, never to wrestle with a pig. You get dirty, and 
besides, the pig likes it." - George Bernard Shaw


Post a reply to this message

From: Cousin Ricky
Subject: Re: I cannot set up Github 2FA!
Date: 11 Oct 2023 00:15:30
Message: <65262162$1@news.povray.org>
On 2023-10-08 07:12 (-4), Chris Cason wrote:
> 
> If you think the issue is with Github, try using one of the sites that
> allows you to test TOTP, such as https://www.verifyr.com/en/otp/check
> (just enter junk in the label and issuer fields). Import the generated
> key then test it using the same page. It should work. If it does and you
> still can't get Github to work then that would be puzzling.

I tried verifyr.com, and it worked.  But GitHub still doesn't.


Post a reply to this message

From: Cousin Ricky
Subject: Re: I cannot set up Github 2FA!
Date: 11 Oct 2023 00:25:55
Message: <652623d3$1@news.povray.org>
On 2023-10-11 00:15, Cousin Ricky wrote:
> On 2023-10-08 07:12 (-4), Chris Cason wrote:
>>
>> If you think the issue is with Github, try using one of the sites that
>> allows you to test TOTP, such as https://www.verifyr.com/en/otp/check
>> (just enter junk in the label and issuer fields). Import the generated
>> key then test it using the same page. It should work. If it does and you
>> still can't get Github to work then that would be puzzling.
> 
> I tried verifyr.com, and it worked.  But GitHub still doesn't.

Wait...!  On my last attempt, I got a different error message, with a
link to try again.  I scanned the QR code, which set up an entirely new
entry, and that one worked.  This must have been a one-time glitch.


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.