Issue MFA "invalid code" on admin account. Cannot even re-enable.

Poscolerep

New Pleskian
Plesk Obsidian 18.0.79 on Ubuntu 22.04.5 LTS

Hi everyone,

I'm having trouble getting Multi-Factor Authentication working again on my Plesk installation. I noticed the issue by chance when a login attempt failed with an invalid code error.
At that point I disabled MFA via CLI.

Now I want to re-enable it, but every verification code I try (freshly scanned QR, manually entered secret, different attempts over time, different mobile phone) gets rejected as "not valid" even during initial setup.

What I have already tried:

Checked server time with timedatectl status and timedatectl timesync-status.
NTP is active, offset is only -26ms.

Confirmed the phone's date/time is set to automatic network sync, not manual.

Disabled and re-enabled MFA from the GUI and from CLI
Fully uninstalled and reinstalled the extension (GUI and CLI)
Tried a fresh QR code setup in an incognito browser window, and additional browser.

Despite all this, a freshly generated code is still rejected as invalid, both for admin login and for initial setup.

Has anyone run into something similar?
Any pointers on where else to look (extension specific logs, database tables, etc.) would be much appreciated.

Thanks in advance.
 
Hi, @Poscolerep . Please check if any relevant errors are being logged into /var/log/plesk/panel.log. If nothing is being logged it is worth to temporarily enable Plesk debug mode. T most common issues are with the server time and NTP being off. Frankly, I cannot think of another reason that could be causing the issue.
 
Back
Top