2FA code authentication time-sync issue/too strict authentication #243

Closed
opened 2026-02-04 18:54:56 +03:00 by OVERLORD · 1 comment
Owner

Originally created by @itsthejb on GitHub (Feb 27, 2019).

Related? https://github.com/dani-garcia/bitwarden_rs/issues/306

Hi all,

First of all, love this implementation! Great work on it!

One medium issue I keep having: it appears that the 2FA code authentication implementation has a timestamp-related issue. That is, it definitely works, but I find that the generation of the code on my app (currently Authy on iOS) and my `bitwarden_rs` installation ([using this docker image](https://hub.docker.com/r/mprasil/bitwarden)) is heavily out of sync. That is, I either have to enter the code in the first seconds of the code being generated, or the last seconds. Meaning, clearly the timestamp of the server and the timestamp of the 2FA client are quite out of sync. Alternatively, this could be caused by the fact that `bitwarden_rs` doesn't leniently accept "late" or "early" codes.

I have been able to log in, but authenticating a new client is quite frustrating and this seems to be a genuine issue. Of course, alternatively this may also be an issue that should be fixed in the container.

Hope that someone can help. Thanks!


@itsthejb commented on GitHub (Feb 27, 2019):

Ok, my bad: Seems `ntpd` wasn't running on my server (thought it was) and my date was quite off. Fixed with something like https://serverfault.com/questions/368602/how-do-i-update-a-centos-servers-time-from-an-authoritative-time-server
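
The symptom reported in this thread, reproduced as an added example (not part of the original issue and not bitwarden_rs code): an RFC 6238 TOTP check showing how a server clock that is 25 seconds off accepts a client's code for only 5 seconds of each 30-second step. The `window` parameter, the secret and the timestamps are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30                          # seconds per TOTP time step (RFC 6238 default)
SECRET = b"12345678901234567890"   # constructed: the RFC 6238 SHA-1 test secret


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step that contains unix_time."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F        # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, code: str, server_time: int, window: int = 0):
    """Return the step offset (-window..window) whose code matches, or None.

    window is a hypothetical tolerance setting: 0 accepts only the server's
    current step, 1 also accepts the previous and the next step.
    """
    for drift in sorted(range(-window, window + 1), key=abs):
        candidate = totp(secret, server_time + drift * STEP)
        if hmac.compare_digest(candidate, code):
            return drift
    return None


def accepted_seconds(secret: bytes, skew: int, window: int,
                     start: int = 1_551_225_600) -> int:
    """Count the seconds of one client-side step during which the client's
    code is accepted by a server whose clock is off by `skew` seconds."""
    start -= start % STEP          # align to a step boundary (constructed time)
    return sum(
        verify(secret, totp(secret, t), t + skew, window) is not None
        for t in range(start, start + STEP)
    )


if __name__ == "__main__":
    for skew in (0, 25, -25):
        for window in (0, 1):
            secs = accepted_seconds(SECRET, skew, window)
            print(f"skew={skew:+4d}s window={window}: accepted {secs}/{STEP} s")
```

A non-zero offset returned by `verify` on successful logins is a useful signal to log: it indicates clock drift on one side before users start seeing rejected codes.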


Reference: starred/vaultwarden#243