Teddy Rogers Posted June 11, 2022 Share Posted June 11, 2022 I deleted some 2FA security questions and now users are reporting problems updating to one of the new 2FA questions. They are seeing the 2FA prompt (see attached image) and cannot enter anything in. Normally, after multiple failed attempts this would then send an email with a link to reset 2FA and use another question. Because there is nothing that can be entered they can't fail to login and/ or reset their 2FA via email. From AdminCP I see the deleted 2FA fields similar to, "security_question_1", "security_question_2" and so on. I make the assumption this is not the intended action and could be a bug? Ted. Link to comment Share on other sites More sharing options...
Teddy Rogers Posted June 11, 2022 Author Share Posted June 11, 2022 Think I have this fixed now, please disregard. Apologies... Ted. Link to comment Share on other sites More sharing options...
Marc Posted June 13, 2022 Share Posted June 13, 2022 No problem. What was it causing your issues? Link to comment Share on other sites More sharing options...
Teddy Rogers Posted June 13, 2022 Author Share Posted June 13, 2022 7 hours ago, Marc Stridgen said: What was it causing your issues? Miscommunication. I was more diligent after I posted and ran some tests of my own and then confirmed with members they were overlooking clicking the correct options (verifying using another method)... Ted. Link to comment Share on other sites More sharing options...
Marc Posted June 13, 2022 Share Posted June 13, 2022 Ah, no problem. Glad you managed to sort the issue in any case Link to comment Share on other sites More sharing options...
Teddy Rogers Posted August 10 Author Share Posted August 10 (edited) I don't think this problem was ever properly fixed. Every once in a while I still have a member contacting me because they struggle with 2FA question not being visible. When I check their 2FA in AdminCP their security question has a reference, something like "SECURITY_QUESTION_5", that indicates it used to be one of the previous deleted questions. Sorry I have not been clever enough to take a screenshot of the exact text before I changed it. To resolve the issue I go to edit the security question in AdminCP and save, since I only have the one question on the site. After that the new security question is visible. One of the affected members did a screen capture of what they see and get when prompted for the (missing) 2FA question. SecurityQuestionProblem.mp4.1c824772f0b880bccf26629a060bfdb6.mp4 Is this a bug, should they be prompted to reset their 2FA automatically if the question is no longer available? Ted. Edited August 10 by Teddy Rogers Link to comment Share on other sites More sharing options...
Marc Posted August 12 Share Posted August 12 Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release. Teddy Rogers 1 Link to comment Share on other sites More sharing options...
Teddy Rogers Posted August 13 Author Share Posted August 13 On 8/12/2024 at 3:00 PM, Marc said: Thank you for bringing this issue to our attention! I can confirm this should be further reviewed and I have logged an internal bug report for our development team to investigate and address as necessary, in a future maintenance release. Thank you for reviewing, look forward to it being fixed up... Ted. Link to comment Share on other sites More sharing options...
Recommended Posts