2FA Error – No Admins can log in using 2FA

Hi @sarawildflower,

Are you using a custom login form? Due to the possible differences in form fields and the login flow, our 2FA and reCAPTCHA features are only officially supported for the default WordPress/WooCommerce login and registration pages.

You may be able to log in with Wordfence enabled by entering a two-factor authentication code directly after your password, in the same field. For example, if your password is w0rdf3nce#! and the code is 233455, then enter w0rdf3nce#!233455.

Let us know how it goes!

Thanks,
Margaret

Hello, I’m using the default WordPress login.

The solution of password+code doesn’t work either, I just get “ERROR: The username or password you entered is incorrect”

Any other suggestions please?

Hi @sarawildflower,

Thank you for checking. Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

Thanks,
Margaret

Thank you, I have just sent the diagnostic report.

Hi @sarawildflower,

Thank you for sending those. There may be a plugin conflict. Can you please try disabling Anti-Spam by CleanTalk and then check if you’re able to log in with 2FA enabled please?

If disabling Anti-Spam by CleanTalk doesn’t help, please try disabling all other plugins and reverting to a default theme, such as?Twenty Twenty-Four. If you can log in with 2FA enabled, reenable your plugins and theme one by one until the issue recurs to help find the cause.

Please let us know how it goes!

Thanks,
Margaret

This is still not working. Today I have tried:

• Disabled all plugins
• Changed Theme to 2024
• Purged all caches
• re-set up 2FA

When I activate Wordfence again, the 2FA continues to give me the same message when I try to log in: “CODE INVALID: The 2FA code provided is either expired or invalid. Please try again”

Might it be to do with the NTP, here is the message on the dashboard:

• NTP
• NTP is a protocol that allows for remote time synchronization. Wordfence Login Security uses this protocol to ensure that it has the most accurate time which is necessary for TOTP-based two-factor authentication.NTP is currently?enabled.NTP updates are currently failing.?NTP will be automatically disabled after 2 more attempts.

How can I resolve this please?

Hello @wfmargaret , is there any response to this. It is for a website that was hacked (hackers disabled Wordfence) so it’s an important thing for it to work. Losing confidence in WF.

Hosting support confirms the NTP is fine. Though I still see it’s failing I don’t know if that would be the reason for the 2FA failing.

I have sent another diagnostic report as debug is on, so it might give you more insight?

Hi, I’m checking here that the topic is marked as resolved, but I don’t see the resolution here.

and I’m having the same problem, I’ve already followed all the steps and the only solution is to keep disabling Wordfence on the hosting and re-enabling it. However, this is not feasible.

I did not get a response or find a solution to this, I had to disable the Wordfence 2FA and use another plugin: WP 2FA which seems to work. Then I had to hide all references to Wordfence 2FA so my admins didn’t get confused about which one to use.