Switching to new servers

Thank you for using our plugin.

I am sorry to read about your issue. Indeed, the plugin needs the private key in the wp-config.php file. If you moved the plugin without the key it could also be that the plugin generated a new key in the database, which could leads to problems.

Can you please answer the below questions so we can troubleshoot this issue?

1. You said the plugin is not working. But what is happening exactly? Can you explain in details what errors or notifications are you getting?
2. It seems like the plugin was using the key from the wp-config.php on the old website. By any chance did you move the files and database and not the key?
3. Is there a key in the new website’s database? If there is a key, is it the same or different than the one in the old website’s wp-config.php file?

Looking forward to hearing from you.

Thank you for your quick reply! Really appricaite it.
I will try and answer as best as i can:

You said the plugin is not working. But what is happening exactly? Can you explain in details what errors or notifications are you getting?

My bad, I did not mean to say the plugin threw code Errors as such, but just that I’m “experiencing an error”, with the plugin not validating my 2FA code. But the plugin is most likely doing the correct thing by rejecting me, I’m just trying to figure out why and what i need to do to get it working again,

The error message i get when entering the 2FA code from my authenticator app is: “ERROR: Invalid verification code.“

It seems like the plugin was using the key from the wp-config.php on the old website. By any chance did you move the files and database and not the key?

The process was, that i moved the site (file and database), but not the wp-config.php, since that file was created by the host, and only afterwards updated the wp-config.php to have the same “define(‘WP2FA_ENCRYPT_KEY’)”.

Is there a key in the new website’s database? If there is a key, is it the same or different than the one in the old website’s wp-config.php file?

I checked the database, and no key’s were found here. I searched x_options table for it, with a LIKE query for: “%secret_key%”, but could not find anything that would match wp 2fa.

To double check, i printed out the return of the method “WP2FA::get_secret_key()”, and the key it returns matches the one currently defined in wp-config.php as “WP2FA_ENCRYPT_KEY”.

• This reply was modified 2 years ago by swagtacular.

Thank you for the detailed explanation and answers. That really helped.

What must have happened in your case is that when you moved the website but did not copy the key from the wp-config.php the plugin created a new key in the wp-config.php of the new website.

In fact if you compare the key from the old and new wp-config.php they do not match, correct?

In that case simply copy the key from the old wp-config.php to the new one. That should do the trick.

Can you please try it and advise?

Hello again, thank you for your feedback.

I think you missread what i wrote maybe.
I did move the key from the old wp-config.php file, to the new wp-config.php file as i explained in this section from my previous answer:

———————–

It seems like the plugin was using the key from the wp-config.php on the old website. By any chance did you move the files and database and not the key?

The process was, that i moved the site (file and database), but not the wp-config.php, since that file was created by the host, and only afterwards updated the wp-config.php to have the same “define(‘WP2FA_ENCRYPT_KEY’)”.

—————————–

So to further explain:

Inside my current wp-config.php file, i have a line of code like this:

define(“WP2FA_ENCRYPT_KEY”, “xxxxxxxxx”);

The key (here defined as “xxxxxxxx”), is the same as the key defined in the old wp-config.php file.
So it should not be and issue, that the keys are different.

To test what key the plugin was actually using, and to be sure i did not miss a key defined somewhere in the database, i printed the value of the method WP2FA::get_secret_key(), which is the method used inside your plugin to get the key, and it returns the same key (“xxxxxxx”) as defined in the wp-config.php, which tells me that it is actually using the correct key, and i have not missed a key from the database somewhere, since it matches with the one defined in the wp-config.php file.

Hope i made this clearer now ??

Thank you for your detailed explanation. Considering the fact that the plugin is using the correct keys, and nothing was changed in the configuration the 2FA codes should be accepted.

Clearly something else is giving problems. Can you please answer the below questions for me so we can better understand what is happening?

1. If you create a new user, I presume that 2FA works fine, right?
2. Is this issue affecting only your user or all users?
3. If you reset your user’s 2FA config, then it works, right?

Looking forward to hearing from you.