You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
TLDR: the android system clock, the NTP time, and what 2FAS thinks the time is can drift apart causing token issues.
1, My device is set to use network-provided time in Android settings.
2, My device is currently 0.980s ahead of NTP, it does drift a little, but not a lot
3. When the 2FAS app is first started, I believe I am correct in saying it polls the NTP servers, it initialy generates tokens at the correct NTP times.
4. Over time, hours, days, 2FAS's concept of the time seems to drift away from that initial NTP sync, to ao considerable degree. What we see here is just a few hours drifting, and 2FAS is already generting tokens 10 seconds early.
5. Over longer periods of time it gets too far out
6. The Android system clock is never that far out
7. Killing 2FAS app and restarting it again syncs to NTP and all is well again
I think perhaps that 2FAS isn't checking on any periodic schedule that it's initial NTP derived time is still true and that for some reason it can drift to a considerable degree.
Probably it should periodically poll NTP servers to resync, or should be able to simply generate tokens against the Android system clock instead of NTP, as that is easier for people to see is inaccurate.
Solution
Turn it off and on again (kill the 2FAS app by swiping off the active apps list, then restart it).
Additional context
It's possible that goign to airplane mode and back may also fix it it, I'm not 100% sure on that, doing so does re-sync the system clock if it has drifted a little. No it doesn't, but killing and restarting 2FAS always does.
Acknowledgements
This issue is not a duplicate of an existing bug report.
I understand that security vulnerabilities should be reported to security@2fas.com instead of on GitHub.
I have chosen an appropriate title.
All requested information has been provided properly.
The text was updated successfully, but these errors were encountered:
Bug type
Other
App version
5.4.5
Device environment
Android 10 on Smart E11
Bug description
TLDR: the android system clock, the NTP time, and what 2FAS thinks the time is can drift apart causing token issues.
1, My device is set to use network-provided time in Android settings.
2, My device is currently 0.980s ahead of NTP, it does drift a little, but not a lot
3. When the 2FAS app is first started, I believe I am correct in saying it polls the NTP servers, it initialy generates tokens at the correct NTP times.
4. Over time, hours, days, 2FAS's concept of the time seems to drift away from that initial NTP sync, to ao considerable degree. What we see here is just a few hours drifting, and 2FAS is already generting tokens 10 seconds early.
5. Over longer periods of time it gets too far out
6. The Android system clock is never that far out
7. Killing 2FAS app and restarting it again syncs to NTP and all is well again
I think perhaps that 2FAS isn't checking on any periodic schedule that it's initial NTP derived time is still true and that for some reason it can drift to a considerable degree.
Probably it should periodically poll NTP servers to resync, or should be able to simply generate tokens against the Android system clock instead of NTP, as that is easier for people to see is inaccurate.
Solution
Turn it off and on again (kill the 2FAS app by swiping off the active apps list, then restart it).
Additional context
It's possible that goign to airplane mode and back may also fix it it, I'm not 100% sure on that, doing so does re-sync the system clock if it has drifted a little.No it doesn't, but killing and restarting 2FAS always does.Acknowledgements
The text was updated successfully, but these errors were encountered: