Was debating posting this here or in Software... but I will label this one as a "riddle me this, Batman"...
My phone is a Galaxy S9 (SM-G960W) with Android 10, Security Patch level Nov1-2020 (latest available).
I have many apps on my phone, namely Microsoft Authenticator and Google Authenticator.
I use MS Auth has about 20 accounts, one of which is NOT push-notification -enabled.
So when logging on to that site, I need to grab the code and authenticate. (This site also has a little link underneath the entry box where I can have that site send me a code by e-mail, more on this later...)
For the past 3 months, I login with username/password and get challenged for a code. Everything normal so far. I then enter the code and get refused, saying invalid code. "Ok, weird" I think. I fiddled around with it enough that I discovered that if I enter the code given to me via the App and get refused, I can then click the "send code by e-mail" and IMMEDIATELY click login (still with the code from the App, NOT the one in the email) - and am granted access.
( I ended up speaking with a programmer at this website, he monitored the codes I got and could confirm via the API that the code was valid).
Weird right ? Ok, park that.
I use Google Authenticator for two sites.
Site #1, I type in my username/password and get challenged. Type in my code (let's call it Code-A), refused.
Wait 30 seconds for a refresh, type in Code-B, refused.
Wait 30 seconds for a refresh, type in Code-C, refused.
Just for kicks, type in Code-A (now over a minute "old") - Access Granted ?!?!?!?
Site #2, works fine, username/password, challenge, code, access granted. Nothing to see here.
It appears my phone is providing codes that are timed somewhere in the future and I have to wait for Time to catch up ?
Any advice/ideas on this please ? I'm looking to avoid a factory reset (which I haven't done yet).
My phone is a Galaxy S9 (SM-G960W) with Android 10, Security Patch level Nov1-2020 (latest available).
I have many apps on my phone, namely Microsoft Authenticator and Google Authenticator.
I use MS Auth has about 20 accounts, one of which is NOT push-notification -enabled.
So when logging on to that site, I need to grab the code and authenticate. (This site also has a little link underneath the entry box where I can have that site send me a code by e-mail, more on this later...)
For the past 3 months, I login with username/password and get challenged for a code. Everything normal so far. I then enter the code and get refused, saying invalid code. "Ok, weird" I think. I fiddled around with it enough that I discovered that if I enter the code given to me via the App and get refused, I can then click the "send code by e-mail" and IMMEDIATELY click login (still with the code from the App, NOT the one in the email) - and am granted access.
( I ended up speaking with a programmer at this website, he monitored the codes I got and could confirm via the API that the code was valid).
Weird right ? Ok, park that.
I use Google Authenticator for two sites.
Site #1, I type in my username/password and get challenged. Type in my code (let's call it Code-A), refused.
Wait 30 seconds for a refresh, type in Code-B, refused.
Wait 30 seconds for a refresh, type in Code-C, refused.
Just for kicks, type in Code-A (now over a minute "old") - Access Granted ?!?!?!?
Site #2, works fine, username/password, challenge, code, access granted. Nothing to see here.
It appears my phone is providing codes that are timed somewhere in the future and I have to wait for Time to catch up ?
Any advice/ideas on this please ? I'm looking to avoid a factory reset (which I haven't done yet).
Ron
