Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted June 11, 20222 yr I deleted some 2FA security questions and now users are reporting problems updating to one of the new 2FA questions. They are seeing the 2FA prompt (see attached image) and cannot enter anything in. Normally, after multiple failed attempts this would then send an email with a link to reset 2FA and use another question. Because there is nothing that can be entered they can't fail to login and/ or reset their 2FA via email. From AdminCP I see the deleted 2FA fields similar to, "security_question_1", "security_question_2" and so on. I make the assumption this is not the intended action and could be a bug? Ted.
June 13, 20222 yr Author 7 hours ago, Marc Stridgen said: What was it causing your issues? Miscommunication. I was more diligent after I posted and ran some tests of my own and then confirmed with members they were overlooking clicking the correct options (verifying using another method)... Ted.
August 10, 2024Aug 10 Author I don't think this problem was ever properly fixed. Every once in a while I still have a member contacting me because they struggle with 2FA question not being visible. When I check their 2FA in AdminCP their security question has a reference, something like "SECURITY_QUESTION_5", that indicates it used to be one of the previous deleted questions. Sorry I have not been clever enough to take a screenshot of the exact text before I changed it. To resolve the issue I go to edit the security question in AdminCP and save, since I only have the one question on the site. After that the new security question is visible. One of the affected members did a screen capture of what they see and get when prompted for the (missing) 2FA question. SecurityQuestionProblem.mp4.1c824772f0b880bccf26629a060bfdb6.mp4 Is this a bug, should they be prompted to reset their 2FA automatically if the question is no longer available? Ted. Edited August 10, 2024Aug 10 by Teddy Rogers
August 12, 2024Aug 12 Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release.
August 13, 2024Aug 13 Author On 8/12/2024 at 3:00 PM, Marc said: Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release. Thank you for reviewing, look forward to it being fixed up... Ted.
October 8, 2024Oct 8 Author @Marc assume this did not get fixed in the latest update. I had another member email me today saying they could not login and reset their 2FA because of the issue identified above. Resolved by simply going to edit then save. Do you know if/ when this will be fixed? Ted. Edited October 8, 2024Oct 8 by Teddy Rogers
October 8, 2024Oct 8 We do stil have an open bug report on this at present. Im unable to say when it will be fixed, but I see it has been being actively discussed
