Help
FortiAuthenticator
FortiAuthenticator provides access management and single sign on.
yangw
Staff
Staff

Created on ‎03-14-2023 02:06 AM Edited on ‎03-14-2023 02:08 AM By Moderator

Article Id 249044

Troubleshooting Tip: Authentication problem can be login with any 2FA token code when logging in using the FortiAuthenticator Agent for Microsoft Windows

Description This article describes that FortiAuthenticator Agent for Microsoft Windows is a credential provider plug-in that enhances the Windows login process with a one-time password, validated by FortiAuthenticator.
Scope FortiAuthenticator 6.4.
Solution

Windows login process encounter problem can log in with any 2FA token code, it can be checked in the agent debug log to find out the related error message.

 

In this case, two-factor authentication can take effect by the input of any random token code.

 

domainRemoved_authWithRandomCode(1).PNG

 

In the debug log of the agent, the related message is visible below.

The problem was caused by the domain not being added for 2FA.

 

2023-01-19 14:12:41,842 [8404|24|DEBUG] TwoFactorAuthPlugin: Received domain: TWTAC, username: twtac5
2023-01-19 14:12:41,843 [8404|24|INFO ] TwoFactorAuthPlugin: Domain TWTAC is not enabled for Two Factor Authentication <<<<<<<<<<

 

Adding a domain for the 2FA in the agent configuration.

 

FAC_Agent_2FA_setting_add_domain(1).PNG

 

The two-factor authentication failed due to the invalid token code after adding the domain to the configuration.

 

domainAdded_authWithRandomCode(1).PNG
540
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.