Multi Factor Authentication problem

Hi All,

I found a weird thing with our new passbot server setup. We are running passbolt-CE 3.12.2 . I have enabled Multi Factor Authentication Time-Based One Time password…

ON my user account, I then enable MFA and scan the QRcode with my app. I’m using authy in Iphone. it accepts the QR code and provides me with a 6 digit password. I’m able to validate the code, But then the server kicks me back the the MFA sign in page. From their on, the codes do not work. I have checked the time on the server and confirmed its in my time zone.

What do you guys think might be causing this weird problem?

Thanks for the help, Talk to you soon.

Can you clarify this a bit more? Maybe include screenshots so we are clear on what you are seeing as it happens.

Here is some screenshots, I set my device up:


But then when i click on anything, I get this OTP sign in but the tokens just loop be back to the same screen. I dont get bad token.


Do you use the site under https? This could explain the issue.

Otherwise there is an issue that is preventing cookies to be set, like another extension preventing cookies to be created, or an extension changing the user agent.

1 Like

I’m not using HTTPS yet, Have not setup the cert.

So for OTP I need to have SSL(HTTPS) setup. That would make sense.

Thank you for the help. IT was the SSL cert needed.