2FA with Google Authenticator has been working fine for me for quite some time now. Now, however, Cloudflare deems the PINs the Authenticator creates as invalid and even setting up Authenticator newly doesn’t work since Cloudflare claims the keys are invalid.
Has anybody experienced this behaviour and if so, how did you manage to fix the problem?
It happens at times that Google Authenticator (or similar apps) lose its time sync. Google has a tip on how to re-sync it. If that doesn’t work, I’d suggest you contact Support directly and request that they disable 2FA, and then re-enable it.
It’s also worth mentioning we’d recommend a couple of things as a good practise for account accessibility and security:
- Configure more than one 2FA method - we now support hardware keys for example and you can run multiple methods side by side: Cloudflare now supports security keys with Web Authentication (WebAuthn)!
- Always ensure you store your rescue codes just in case your device or key fails in some way