• Resolved ddelicious

    (@ddelicious)


    Can you provide basic setup instructions? I’m having trouble getting started with this.

    Specifically I’m having trouble with the Google Authenticator app and server timing.

    For the Google Authenticator app, I’m using the “Manual Entry” option and I’m being asked to enter an account and a key. Is the account the wordpress username, or the email address associated with that username? And once I have that set up, what am I expecting to see in the google app.

    For server timing, this message I’m getting inside settings is not clear to me: N.B. “Generating two-factor codes depends upon your web-server and your TFA app/device agreeing upon the time. The current UTC time according to the server when this page loaded: 2017-05-04 17:16:34, and in the time-zone you have configured in your WordPress settings: 2017-05-04 10:16:34”

    Does that mean there’s a timing mismatch between my TFA device and my server? Or is that simply stating that my wordpress timing settings and server timing are different?

    I think a step by step guide on setting this up would make it a lot more appealing to the broader WordPress audience.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    Hi,

    The ‘account’ is just your own label. It has no effect on the workings, so you can enter anything you like.

    The time message is only telling you your server time, twice (in your local, and a standardised, time zone). You need to manually copy that with your phone.

    David

    Thread Starter ddelicious

    (@ddelicious)

    Thanks for the reply.

    I’m still having trouble getting this to work.

    Here’s what I’ve done: I downloaded and activated the plugin. I enabled TFA for my user profile. I downloaded the Google Authenticator app.

    What’s the next step?

    When I got to log into that user profile, I’m asked to enter a code. But I don’t see how to make the Google Authenticator app talk to WordPress.

    Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    You need to use Google Authenticator to scan the code shown in your WP admin area TFA page, before logging out.

    Thread Starter ddelicious

    (@ddelicious)

    Thanks for your help, I got it to work. It wasn’t obvious to me that you need to sync wordpress with Authenticator by scanning the barcode or entering a code.

    Can more than one device be connected to one user account? How would I accomplish that now that I have TFA enabled for my account?

    • This reply was modified 7 years, 10 months ago by ddelicious.
    Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    You can connect as many devices as you like – just scan the code in whichever devices you want to use.

    Note that there is no real ‘connection’ between a device and a site. The TOTP algorithm – https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm – depends only upon possession of the private key (which is what you scan), and the correct time. There is no communication between the devices. The site is entirely ignorant of what devices you may have stored the private key on.

    David

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Basic setup guide?’ is closed to new replies.