• Inviting everyone who uses WordPress management tools in Plesk
    The Plesk team is conducting a 60-minute research session that includes an interview and a moderated usability test.
    To participate, please use this link .
    Your experience will help shape product decisions and ensure the tools better support real-world use cases.

Issue HOW TO UPDATE SYSTEM TIME AND ENABLE MULTI FACTOR AUTHENTICATION.

M

MHC_1

Regular Pleskian
Server operating system version
alma linux
Plesk version and microupdate number
18.0.76#4
WE RUN IN THE UK.

UK HAS TIME CHANGE SUNDAY 29TH MARCH

We have had to update the server time so the server time is the same as the time on clocks here. Server time was previously -1 hour. (2pm instead of 3pm) .

Now, we have updated the server time as per the GUI --> Server Settings --> Server Time .

Now MFA login no longer works despite the MFA on the device providing the code and the server should be the same time.

HOW DO WE FIX THIS?

WHY WAS THERE NO NOTIFICATION OF MFA RISL?
 
This is usually because the timezone you have set vs the time you have set is not the same if you manually set the clock. My suggestion is to make sure that the timezone is set correctly and have it sync with a NTP server.

Check current setting
Bash: 
timedatectl status
Confirm it's set to the correct time zone If it's not the correct timezone you can see a list by using:

Bash: 
timedatectl list-timezones
You can also add | grep -i your_city or a city near by to narrow the search to make sure you find the correct one. Once you find the correct timezone issue:

Bash: 
sudo timedatectl set-timezone America/New_York
Replace America/New_York with your actual timezone.

Then make sure NTP is enabled by issuing:

Bash: 
sudo timedatectl set-ntp true

Then you can issue
Bash: 
sudo chronyc -a makestep
to force a sync (chronyc should be used by default for almalinux iirc, if not then need to find what your server uses and use that command to sync, if you don't have NTP enabled then install chrony and configure it, refer to https://linuxconfig.org/how-to-configure-ntp-server-and-client-on-almalinux for configuration instructions).
 
Because 2FA is tied to a TOTP which is tied to UTC times. So if your TOTP app is looking at one time via UTC but the server's UTC is different, then the TOTP will never match. This is why it's important to make sure the time actually matches the time zone which in turn will match the time with UTC. A few seconds is fine but a whole hour difference will be completely wrong (and I know this because I've troubleshooted an issue unrelated to Plesk where a user's computer clock was off by a minute and the TOTP software was on the same system so the 2FA is always 2 codes behind from what the actual server is looking for).
 
You must log in or register to reply here.

Similar threads

M
Issue Updating MariaDB from 10.5 to 10.11.4 breaks everything.
2
Replies
20
Views
6K
MHC_1
M
P
Resolved Multi-Factor Authentication (MFA) extension does not remember device
Replies
10
Views
5K
pleskuser67553
P
learning_curve
Resolved Permissions on some of the files packaged by Plesk are incorrect[ERROR] - Post 18.0.69 Upgrade
Replies
19
Views
10K
learning_curve
learning_curve
learning_curve
Issue Plesk Updates | GUI Plesk Panel ✔️ | CLI ✔️ | Cron ❌ - Close But No Cigar
Replies
15
Views
5K
learning_curve
learning_curve
P
Forwarded to devs Advisor extension Synchronize Server Time 'Open' button broken
Replies
3
Views
2K
NITROFOX
N
Back
Top