Google Authenticator Wonkiness #1169

Closed
ghost opened this issue Jan 22, 2016 · 7 comments


ghost commented Jan 22, 2016

Hi there,

I have the feeling that something's not quite as it should be with the Google Authenticator.
When I start the Authenticator setup from the login screen, I get the QR code, I can scan it and it shows up in my Google Authenticator showing the Servername "@ServerName".
When I enter the created OTP, it says the Google Authenticator password was wrong. Now I played around for quite a bit and at some point in time I sent an authenticator link by clicking the button in the user menu (when I was logged in as administrator).
After scanning that one it showed "User@ServerName". When I tried logging in, this didn't seem to work as well, but after clicking the button to set up Google Authenticator, the OTP suddenly worked (without me scanning the newly sent link, but sticking to the "User@ServerName" entry).
Could it be that from the login screen, the link/QR code is generated incorrectly and when hitting the button as administrator, it creates the right one? And can I change that?

Author

ghost commented Jan 25, 2016

Another thing... I get the following error when trying to save settings.
[Image: screenshot_4]
If I go to "2FA Options" first and save them (without changing anything), it works fine afterwards but only so long as I don't leave the settings screen. After leaving and re-entering the settings screen, the issue reappears.

Author

ghost commented Jan 25, 2016

Issue goes away if I set "valeur" to accept Null.

@nilsteampassnet
Owner

You identified a bug. The query was not executed from the index page. It is now corrected in 2.1.25.

The 2nd problem has already been corrected in #1152.

nilsteampassnet added a commit that referenced this issue Jan 25, 2016
Fix for #1169
Fix for complete list of Roles in Admin Roles page
Cosmetic changes

Pit33 commented Jun 28, 2016

Hi,

I've got a similar problem. I upgraded from 2.1.19 to .21.25 on a wamp server.
After this I enabled 2factor and sent an account the Google code. After scanning I tried to log in but it keeps telling me the Google Authenticator code is wrong. I disabled 2FA and enabled it again and reissued the code but it won't work.

Can you help me out?
Cheers

Author

ghost commented Jun 28, 2016

Hi,

Since 2.1.25, I haven't encountered problems with Google Authenticator any more, apart from NTP-related issues.
Try updating the time on your server by configuring NTP. You can check whether NTP might be the cause by updating the time once by issuing "ntpdate de.pool.ntp.org", for example. If that helps, configure NTP using the ntpd.conf and adding NTP to the default run level.



Pit33 commented Jun 30, 2016

Hi,
Time service is already syncing with pool.ntp.org, so that's not the issue. What I did do is upgrade to version 2.1.26 and the problem is gone!

Thanks.


Pit33 commented Jul 14, 2016

Hi,

I don’t know if you’re interested but we came up with a solution for the unencrypted saltkey on a wamp server.

We have Teampass running on a virtual wamp server. We have several people working for us with access to the virtualization platform. So there’s a chance somebody makes a copy of the virtual server and takes it home.

In that case it’s quite easy to get access to the salt key and the encrypted database. What we did to ensure security is create a Windows user under whose account the Apache server is running, and therefore this account needs access to the saltkey. We then encrypted the saltkey with EFS under this account. So only this account can access the saltkey. If you don’t know the password (nobody else does) you can reset the account of course, but then you won’t be able to access the saltkey because it’s still encrypted using the original password. Only the logged-on user can change his password and thereby change the encryption key. I’ve tested this and it works just fine.

I have a few questions.

  • Is there a mailing list or something like that so I can get emails about version updates and so on?

  • We are running version 2.1.26 and every time someone wants to access their personal folder they need to enter their personal saltkey (makes sense), but whatever you type in, you're always granted access. So if my personal saltkey was “Password1” and next time I enter “Password22”, all passwords are shown.

  • When we access a folder with for example 20 password entries it takes 3 seconds to show the list, which is really slow. I found several posts about this and I tried all suggestions but nothing seems to speed things up. Do you have any more suggestions?

Kind regards.

