I have 2FA code in my Node.js server application that uses the speakeasy module to verify whether the passed key is valid or not. I am using the Google Authenticator app on the client side. I am using a secret key = "A0B0C0D0E0F0A1B1C1D1E1F2". This works well on Android devices. However, when I try the same on an iPhone, I face the following issues:

  1. The Google Authenticator app on iPhone does not allow me to add the secret "A0B0C0D0E0F0A1B1C1D1E1F2". It seems it has some native rules wrt secret keys.
  2. Even when I enter a secret key that the iPhone allows, the speakeasy.totp code is not able to verify it, and always returns FALSE.

    const speakeasy = require('speakeasy');

    // Shared secret, passed to speakeasy as a base32 string
    const secretKey = "A0B0C0D0E0F0A1B1C1D1E1F2";

    // userToken is the code the user entered from the authenticator app
    const verified = speakeasy.totp.verify({
      secret: secretKey,
      encoding: 'base32',
      token: userToken
    });

    if (!verified) {
      // verification failed
    } else {
      // verification ok
    }

How do I fix this issue so that it works on both Android and iPhone devices?

Note: The app is still in test region. The secret keys in prod will be stored on a permanent storage/db.

Thanks.

nihal

1 Answer

The secret used in totp.verify was in lowercase. When I converted that to upper case, it started working fine.

nihal
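An added example, not part of the original question or answer and not speakeasy's own code: normalizing a TOTP secret to upper case and checking it against the RFC 4648 base32 alphabet (A-Z and 2-7, which contains neither 0 nor 1) before it reaches verification, followed by an RFC 6238 check built on Node's `crypto` module. The function names are hypothetical, and HMAC-SHA1 with a 30-second step and 6 digits is assumed.

```javascript
// Added example; function names are illustrative, not speakeasy's API.
const { createHmac, timingSafeEqual } = require('crypto');

const BASE32_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; // RFC 4648

// Uppercase, drop spaces/dashes/padding, and reject anything outside the alphabet.
function normalizeSecret(secret) {
  const cleaned = String(secret).toUpperCase().replace(/[\s-]/g, '').replace(/=+$/, '');
  const bad = [...cleaned].filter((ch) => !BASE32_ALPHABET.includes(ch));
  if (cleaned.length === 0) throw new Error('empty secret');
  if (bad.length > 0) {
    throw new Error(`not base32, invalid characters: ${[...new Set(bad)].join('')}`);
  }
  return cleaned;
}

// Decode a normalized base32 string into the raw HMAC key bytes.
function base32Decode(normalized) {
  const bytes = [];
  let buffer = 0;
  let bits = 0;
  for (const ch of normalized) {
    buffer = (buffer << 5) | BASE32_ALPHABET.indexOf(ch);
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      bytes.push((buffer >>> bits) & 0xff);
      buffer &= (1 << bits) - 1; // keep only the bits not yet emitted
    }
  }
  return Buffer.from(bytes);
}

// RFC 6238 TOTP (HMAC-SHA1, 30 s step, 6 digits) for a Unix time in seconds.
function totp(secret, unixSeconds) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(Math.floor(unixSeconds / 30)));
  const mac = createHmac('sha1', base32Decode(normalizeSecret(secret))).update(counter).digest();
  const offset = mac[19] & 0x0f; // dynamic truncation, RFC 4226
  const code = (mac.readUInt32BE(offset) & 0x7fffffff) % 1000000;
  return String(code).padStart(6, '0');
}

// Compare the submitted token with the expected one in constant time.
function verifyToken(secret, token, unixSeconds) {
  const expected = Buffer.from(totp(secret, unixSeconds));
  const given = Buffer.from(String(token));
  return given.length === expected.length && timingSafeEqual(given, expected);
}
```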