Google 2 factor authentication fails randomly
How to resolve google 2-factor authentication failures?
Overview: This article will help the gateway users to fix the error "Invalid Google Authenticator code. Make sure the time is correct on the server and the mobile device" while logging into the Ezeelogin GUI.
Google 2-factor Authentication can fail randomly if the server's time is incorrect. The time on the server needs to be synchronized with a time server. Even, if the time on the server has an offset of 5-10 seconds, the Google 2factor authentication would have random failures.
To correct the server time, run the following command on the gateway server:
root@gateway:~# apt install ntpdate //install ntpdate
root@gateway:~# ntpdate pool.ntp.org //adjust the server time
The battery on the motherboard could be weak or failing which may cause the server time to fall behind a few seconds. It's recommended to keep the above command added as a cronjob.
Also, do ensure the time on your mobile phone is correct as well. Sync the time on your mobile with that of your mobile operator to ensure that time is accurate.
- Google Authenticator -> Settings ->Time correction for codes -> Sync now
Emergency CLI Method:
1. Run the below commands in the Gateway server to disable and clear Google authenticator.
root@gateway:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_settings set value='N' where(name='enable_google_authenticator')"
root@gateway:~# php /usr/local/ezlogin/ez_queryrunner.php "update prefix_users set egs=NULL where username='ezadmin'"