I cannot get past 2FA/MFA after today’s switch to bubble.io. Upon attempting to log in with a valid MFA code, I get the error message: “Invalid multi-factor authentication code, please try again”. So I am currently locked out of my account. And I cannot even log a bug report, because I apparently need to be logged in to do this. @Bubble, please acknowledge and fix ASAP.
We’ve seen sporadic issues with this that have gone away after refreshing the browser window a few times and waiting for a new token. Not sure what’s causing it – we’re investigating. If you keep trying, though, you should be able to get in eventually
Thanks @josh. I was first able to get in via Incognito window, and then finally in a new browser window but only after burning through 5 one-time codes, which I’m lucky I had stored.
In terms of process, when you say “waiting for a new token”, can you explain what you mean? As far as I can tell, Bubble’s 2FA process is that I need to already be logged into Bubble to use Authy to generate a set of a half-dozen one-time codes, which I then need to store offline, and then when prompted to enter a 2FA upon logging in, I need to dig up one of those “backup” codes to enter into the Bubble 2FA prompt, which seems wrong. But the continuously-regenerating code from Authy itself does not work when entered. Is this the correct protocol? (And what happens if one accidentally runs out of backup codes stored offline?)
The continuously-regenerating code is the one that’s supposed to work. If that isn’t working for you, you should go to your account page, turn off 2fa completely and delete it from Authy. Then, you can set it back up again. The one-time codes are purely for emergency situations like this one where you can’t get in using the regenerating code.
Thanks @josh. Turning off 2FA and setting it up again fresh in Bubble + Authy seems to have done the trick. The regenerating code now works. Bizarre, though.