Resolving Multi-Factor Authentication (MFA) Issues

  • Updated

In this article, we will guide you through initial triage steps for when your Multi-Factor Authentication (MFA) codes are not recognised upon attempting to sign into BigChange online.

If you wish to learn more about Multi-Factor Authentication (MFA), see What is MFA?

Initial Triage Steps

The affected web user(s) must have their Multi-Factor Authentication reset before attempting triage.

For instructions  on how to reset Multi-Factor Authentication, see Resetting MFA for a Web User

  1. Remove Multi-Factor Authentication from the web user on the BigChange site.
  2. Delete any accounts on the Multi-Factor Authentication application that have been generated by BigChange when previously scanning the QR code.

We are not asking nor are you required to delete MFA for other sites or systems, as this only pertains to BigChange MFA accounts.

  1. Sign into BigChange and set up MFA again by scanning the QR code via the Multi-Factor Authentication Application.
  2. Either clear your browser's cache, site data and cookies for all time OR open a different browser which you do not use for BigChange.
  3. Go to BigChange and sign in using your credentials.
  4. Enter your Multi-Factor Authentication code.

These steps may help you resolve issues you are experiencing with Multi-Factor Authentication in relation to logging into BigChange.

If these steps have not resolved the behaviour and you are certain you have followed the steps correctly, please continue reading this article.

Reasons Why Multi-Factor Authentication Can Fail

Multi-factor authentication (MFA) can sometimes fail or be rejected for various reasons. Here are some common issues and potential solutions:

1. Incorrect Time Settings

  • Issue: Time-based One-Time Password (TOTP) codes, such as those generated by Google Authenticator, rely on the correct time being set on both the server and the client device. The most common cause of 2-factor authentication problems is that the time on your Google Authenticator app is not synced correctly.
  • Solution: Ensure that the time on your device is synchronised with an internet time server. Most smartphones have an option to set the time automatically. For Google Authenticator:
    • iPhone: Go to Settings > General > Date & Time, and enable "Set Automatically." If this setting was already enabled, disable it, wait a few seconds, and then re-enable it.
    • Android: Open the Authenticator app, go to the main menu, select Settings > Time Correction for Codes, and tap "Sync now."

2. Out-of-Sync Tokens

  • Issue: Hardware tokens or software tokens can sometimes become out-of-sync with the server.
  • Solution: Some systems allow you to re-sync the token. Check the documentation for your specific MFA provider.

3. Incorrect Codes

  • Issue: Entering the wrong code can happen due to typographical errors (typos) or reading the code incorrectly.
  • Solution: Double-check the code and ensure you are entering it within the valid time window.

4. Expired Codes

  • Issue: TOTP codes typically expire after 30 seconds. If you take too long to enter the code, it may no longer be valid.
  • Solution: Generate a new code and enter it promptly.

5. Network Issues

  • Issue: Some MFA methods, like SMS or push notifications, rely on network connectivity. Poor network conditions can delay or prevent the delivery of codes.
  • Solution: Ensure you have a stable internet connection or cellular signal.

6. App Issues

  • Issue: The MFA app itself might have bugs or issues.
  • Solution: Ensure the app is up-to-date. Restarting the app or your device can also help.

7. Browser or Device Issues

  • Issue: Sometimes, specific browsers or devices might have compatibility issues.
  • Solution: Try using a different browser or device to see if the issue persists.

8. Security Policies

  • Issue: Some organizations have strict security policies that might interfere with MFA.
  • Solution: Consult with your IT department to understand any specific security policies that might be affecting MFA.

9. Google Two-Factor Authenticator (2FA) Code Not Working

  • Issue: Problems logging into your account can occur if the Google Authenticator app is not working properly.
  • Solution: Follow the time synchronisation steps for your device as outlined above. Ensure the app is updated and functioning correctly.

By addressing these common issues, you can improve the reliability of your multi-factor authentication setup and reduce the likelihood of encountering problems when accessing your accounts.

Unable to resolve the MFA issue?

Please speak to your IT Administrator(s) or reach out to the Multi-Factor Authentication application's developer for further guidance.

Was this article helpful?

1 out of 3 found this helpful

Comments

0 comments

Please sign in to leave a comment.