Hi Nick, I didn't modify the guacamole.properties and left the default settings. I was even getting the "Verification failed" error message with Microsoft Authenticator.
Best, Delvain Mbina Security Operations Engineer M: (209) 305-0215 The Save Mart Companies 1600 Yosemite Blvd., Modesto, CA 95354 -----Original Message----- From: Nick Couchman <[email protected]> Sent: Thursday, August 24, 2023 6:57 AM To: [email protected] Subject: Re: TOTP Verification Failed During MFA Enrollment On Thu, Aug 24, 2023 at 3:51 AM Golovanov Timofej <[email protected]> wrote: > > Hi Delvain, > > I had this issue too, and my problem was that I had changed the totp settings > via guacamole.properties. Even though the Guacamole doc states you can set > several totp options, they won't be applied properly, and the Google > Authenticator will generate wrong QR codes. The only supported option seems > to be "totp-issuer". To be clear, it is not Guacamole that ignores the settings changes, it is Google Authenticator that ignores them. When you change options for TOTP in guacamole.properties, Guacamole adjusts the TOTP codes accordingly, but Google Authenticator seems to have a fairly "fixed" configuration and ignores many of the options that you can change, resulting in a mismatch between the code that Guacamole expects and the one that Google Authenticator generates. -Nick --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
