Can't get past 2FA/MFA

I cannot get past 2FA/MFA after today’s switch to Upon attempting to log in with a valid MFA code, I get the error message: “Invalid multi-factor authentication code, please try again”. So I am currently locked out of my account. And I cannot even log a bug report, because I apparently need to be logged in to do this. @Bubble, please acknowledge and fix ASAP.

Anyone else seeing this?

We’ve seen sporadic issues with this that have gone away after refreshing the browser window a few times and waiting for a new token. Not sure what’s causing it – we’re investigating. If you keep trying, though, you should be able to get in eventually

Thanks @josh. I was first able to get in via Incognito window, and then finally in a new browser window but only after burning through 5 one-time codes, which I’m lucky I had stored.

In terms of process, when you say “waiting for a new token”, can you explain what you mean? As far as I can tell, Bubble’s 2FA process is that I need to already be logged into Bubble to use Authy to generate a set of a half-dozen one-time codes, which I then need to store offline, and then when prompted to enter a 2FA upon logging in, I need to dig up one of those “backup” codes to enter into the Bubble 2FA prompt, which seems wrong. But the continuously-regenerating code from Authy itself does not work when entered. Is this the correct protocol? (And what happens if one accidentally runs out of backup codes stored offline?)

The continuously-regenerating code is the one that’s supposed to work. If that isn’t working for you, you should go to your account page, turn off 2fa completely and delete it from Authy. Then, you can set it back up again. The one-time codes are purely for emergency situations like this one where you can’t get in using the regenerating code.

Thanks @josh. Turning off 2FA and setting it up again fresh in Bubble + Authy seems to have done the trick. The regenerating code now works. Bizarre, though.

This topic was automatically closed after 14 days. New replies are no longer allowed.