• Resolved wbenterprises

    (@wbenterprises)


    I can see new users signing up for my website. Their registration is accepted. I have WP 2FA configured to require 2FA straight away. However, over the past week, NOBODY has successfully configured 2FA. All the recent new user accounts are stuck at “Required but not configured” status of the process. I cannot see them accessing any of my other content, so I can only assume they are not able to log in.

    I have tested the process myself, and it works. I tested gmail, yahoo, and hotmail to ensure the OTPs are being delivered (to the Inbox, not Spam/Junk). I have tested my SMTP service and it works.

    What could possibly be causing this recent string of incomplete 2FA setups?

    WP 2FA version: 2.2.0
    WordPress version: 5.7.6
    PHP Version: 7.4

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Contributor robertabela

    (@robert681)

    Hello @wbenterprises

    Thank you for using our plugin.

    I am sorry to read about your issue. It is quite strange though. I think the easiest way to find out is to ask some of the users for feedback. Do you have access to some of the users? It would be interesting to know the cause of this.

    Please keep us posted.

    Thread Starter wbenterprises

    (@wbenterprises)

    I have tried to contact all of them, but nobody has responded with any input yet. It’s VERY aggravating and it’s probably causing me a loss of income. There are NO troubleshooting logs for WP 2FA to review. I will have to remove WP 2FA and use another plugin since this doesn’t seem to be going away.

    I first thought it was spam bots, but they’re all different email domains, 90% of them are valid (no NDRs), and the IP addresses are all unique. I can see users making it past the registration page, but I can’t see why they aren’t returning with the OTP, or if they’re even opening the message.

    • This reply was modified 2 years, 7 months ago by wbenterprises.
    Plugin Contributor robertabela

    (@robert681)

    I am sorry to read that.

    I am afraid that we cannot help you with this issue @wbenterprises. One thing I can say, since you have tested the process and everything is working, the issue does not seem to be the plugin, but something else. Maybe users are not even aware that they have to set up 2FA? Before users even try to set up 2FA, the plugin has no control / we have no access, so no level of logging will help.

    Please do keep us posted about this issue. I am curious to learn what the issue might be.

    Thread Starter wbenterprises

    (@wbenterprises)

    Logging WOULD help. It should log when the user is redirected to 2FA setup. It should log when an email/OTP is sent or requested. It should log The type of 2FA the users selects. It should log any action the plugin or the user takes which affects the plugin.

    There is DEFINITELY something wrong because the “Required but not configured” result is CONSTANTLY happening, and I do NOT see the new users visiting my posts. With no troubleshooting features, it is impossible to see where the failure is happening.

    Another problem: On the 2FA Policies page, what is the difference between “Do you want to redirect the user to a specific page after completing the 2FA setup wizard?
    Redirect users after 2FA setup to” and “Specify the page where you want to redirect your users to after they complete the 2FA setup. This will override the global redirect setting. Redirect users after 2FA setup”??? These sound like two of the exact same settings. This should ALSO be included in logging!

    Sorry, this plugin is getting uninstalled. Such a pain that a security plugin like this can just randomly stop functioning properly and not have any method of debugging.

    • This reply was modified 2 years, 7 months ago by wbenterprises.
    Plugin Contributor robertabela

    (@robert681)

    Hello @wbenterprises

    What you require is very specific to your setup. We’d be more than happy to assist you and send you a debug version of the plugin that keeps a log of such user actions. Please send us an email at [email protected] so we can assist you. In your email please make reference to this ticket.

    Regarding your other question;

    The first redirect is a global setting to redirect all users to a specific URL after they set up their 2FA. The second one, it applies for when you require users to configure 2FA from a front-end page.

    However, looking at it now it is indeed a bit confusing. I am reporting this as an issue so we’ll improve it in the upcoming version of the plugin.

    Thread Starter wbenterprises

    (@wbenterprises)

    Sorry, no, this is too frustrating.

    Now it’s reporting “Not required and not configured” for users even though the settings are CLEARLY showing 2FA is immediately required. I can’t stand it anymore, so I’ve removed this plugin.

    Tell me how to clear out all the data WP2FA has saved in my database, please. Is it all the meta_keys beginning with “wp_2fa” only, or is there more?

    Thank you.

    Plugin Contributor robertabela

    (@robert681)

    I am sorry to read about all your problems @wbenterprises

    All the plugin settings are prefixed with wp_2fa_ in the database. You can delete them manually. Otherwise you can always reinstall the plugin and choose the setting to delete all database data upon uninstall.

    Should you wish to try the plugin again or would like assistance with testing and implementation please do not hesitate to ask.

    Have a good day.

    Got locked out twice as admin from my page , deactivated and redone 2fa setup.
    3 days ime to set it up, after 3 day it says that grace period is over and admin are locked out again. deactivated wp32fa for now until update with fix is available

    Plugin Contributor robertabela

    (@robert681)

    Hello @anderslinn

    Thank you for your message. If you want us to support you, as per this forum’s guidelines please open your own support thread.

    Looking forward to hearing from you.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘WP 2FA not working anymore’ is closed to new replies.