2. PHPRunner General questions
  3. Issues with using Google Authenticator when overseas
This topic is locked

Issues with using Google Authenticator when overseas

 		6/18/2025 9:44:58 PM
PHPRunner General questions
A
 ausmonty authorDevClub member

We have an application that has 2FA on it, one of the uses, who is based in Australia has been isung it with google Authenticator all year with out isue. However, he is currently overseas and teh google authenticator is unable to contact the cloud, but he has internet access. But when he tries to access our application, it says the number is not correct.

Has anyone had this sort of issue before? based on my understanding its just a key and time that generates the number, so should be fine. I have throught of the time zone, but we have others in Australia in differnt zones and it works fine. And I would expect they would generate on UTC or a standard time zone.

Any help would be appreciated.

The app is generated through PHP Runner 10.91 (41974 x64)

Gordon.
ChatGPT 6/18/2025

It sounds like you're dealing with a common issue related to time synchronization in two-factor authentication (2FA) systems like Google Authenticator. Here are a few things to consider that might help you troubleshoot the problem:

1. Time Synchronization

  • Google Authenticator generates codes based on the current time and the shared secret key. If the device's clock is not synchronized correctly (even by a few minutes), it can lead to incorrect codes. Ensure that the time on the device is set to "automatic" or synchronized with the network time.

2. Time Zone Considerations

  • While Google Authenticator typically generates codes based on UTC, the local time setting on the device might still affect how the app displays the time. Verify that the device's time zone settings are correct.

3. Reinstalling Google Authenticator

  • If the user is unable to access the app due to the 2FA issue, they might consider reinstalling Google Authenticator. However, this could result in losing access to the 2FA codes unless they have a backup of the QR codes or recovery keys.

4. Backup Codes

  • If your application has a mechanism for backup codes, the user might be able to use one of those codes to log in. Check if your application provides this option as a fallback for 2FA.

5. Alternative Recovery Options

  • If the user is still unable to access their account, you may need to provide an alternative method for account recovery. This could involve verifying their identity through email, SMS, or another method you have set up.

6. Check Server Settings

  • Ensure that your server's time settings are also correct and synchronized with a reliable time source (NTP server). Any discrepancies between the server time and the device time can lead to issues with 2FA.

7. Contact Support

  • If all else fails, consider reaching out to PHPRunner support or checking their forums for similar issues. Other users may have faced the same problem and can offer insight or solutions.

Summary

Time synchronization is typically the primary culprit for 2FA code issues. Ensure that the device's clock is accurate, and check for backup options if the user cannot access their account. If necessary, provide alternative account recovery methods to assist the user in regaining access.