Admin login accounts and 2FA with 1Password

Hi @gigamacro, thanks for getting in touch.

Have you tried another 2FA plugin such as Google Authenticator or Authy? This would determine whether 1Password or your site’s time/sync is the root cause.

The Wordfence plugin tries to apply a time offset, based on our one of our server’s timestamps if NTP isn’t available. If you check Wordfence > Login Security > Settings > General is “NTP” enabled or disabled?

What values do you see for “Server Time”, “Browser Time” and “Corrected Time” at the bottom of Wordfence > Login Security? If you could paste the output of that here, it could be useful.

Thanks,
Peter.

Thanks for your reply.

The server times are correct:

Server Time: 2023-08-04 16:19:44 UTC (2023-08-04 12:19:44 America/New_York)
Browser Time:?Fri, 04 Aug 2023 16:19:45 GMT (Fri Aug 04 2023 12:19:45 GMT-0400 (Eastern Daylight Time))
Corrected Time (NTP): 2023-08-04 16:19:44 UTC (2023-08-04 12:19:44 America/New_York)

In digging further, I deleted and recreated the 2FA on BOTH 1Password and Authy. They agree and roll over every 30 secs, as expected, and in synch.

I had an issue that if the 2FA code is entered to the login screen as the code rolls over, the old code is rejected and once a 2FA is rejected but I can no longer replicate that.

Very odd. For now, let’s regard the issue as closed and I’ll reopen if I get a recurrence.

Thanks for your help.