How do I get two step authentication to let me stay logged in?
-
Two step authentication requires I use the code every time I login, even though I click the Keep for 30 days tab. On Google, I’m able to select an option where I am only required to enter the second authentication if I’m on a new device or machine, or every few months when I have to re-enter my password. But WordPress wants it every time, and even though I check the stay logged in tab, if I exit WP, I have to do both steps again. Is there a way to not have WP require the two-step on known machines, or, at least, let me stay logged in?
Thanks!
The blog I need help with is: (visible only to logged in users)
-
Hey Susan!
That definitely should not be happening. Once you login using 2FA and select the “Remember for 30 days” option, you should stay logged in. Can you make sure that you’re checking the “Remember Me” option on the initial log-in screen as well as the “Remember for 30 days” option on the 2FA screen?
-
Okay, I doubled checked both on Chrome and IE and made sure I was selecting the remember for 30 days option on both screens. On both browsers, I still have to put in the codes if I close that window (without logging out) and come back. I’ve already gone through 7 of my 10 printed out codes!
Also, one of the options is “send recovery codes via SMS”. I get the code, but when I use it, it takes me to the home page and I can’t get into the admin page.
I’m using a Dell Computer with Windows 8.1. Haven’t tried it on my old XP. Could this be an 8.1 issue? I’m tempted to undo the 2 step right now because it’s such a pain, but I’d like the extra security.
Thanks!
Sue
-
Hey Sue,
Are you solely using the backup codes to login? That might be the issue. The backup codes aren’t designed to be used for everyday access. They are only meant to be used when either the SMS or Google Authenticator methods do not work. It looks like you setup the two-step authentication using the Google Authenticator app. Are you able to use that to login instead of using one of our backup codes?
-
I had started only using the codes and the SMS–as I said before, the SMS doesn’t get me in at all–I think I never set it up. But tonight I tried using the Google Authenticator, taking care to select the good for 30 days option on both screens, and it still asks for a new login with the second authentication if I close the window and then come back and try to get in.
Sue
-
Hey Sue,
Let’s do this: can you disable two-factor authentication and re-enable it using the Google Authenticator app? Also, can you make sure you aren’t using an incognito window in Chrome?
Let me know if you’re still having trouble after disabling and re-enabling 2FA!
-
Okay. I disabled and then reenabled 2FA. Still requires both the password and the extra code on both IE and Chrome every time I close a Window. I tried it twice each.
I only used the GA app. However, in the setup, it asks for a backup code as well as typing in that I printed out the backup codes. That’s the only time I entered a backup code.
Any ideas?
Sue
-
Hi Sue,
I’m wondering do you have it set for your browsers to delete your cookies when you close the browser? Normally it should record your that you want your browser to remember the computer for 30 days unless you delete the browser cookies. Sometimes you can set it so that your browser deletes cookies every time you close it, so make sure it’s not set to do that.
However, I highly recommend entering your verification code every time. I know it can be a bit annoying, but it is the safest way to protect your account.
Feel free to reach out if you have any questions!
- The topic ‘How do I get two step authentication to let me stay logged in?’ is closed to new replies.
WordPress.com Forums 