SecureAuth version affected: 8.2 +
The enrollment process for device/browser fingerprinting returns an error saying "Invalid code. Please try again.", but it will still sometimes register the device/browser, or sometimes not at all.
This could be a possible mismatch of the OTP parameters that need to be set the same across the different tabs.
We'll be looking at the OTP options to make sure they are uniform and match each other respectively across the different configuration areas.
- The error looks like this once an OTP has been entered as the last step to register a mobile device.
Hop over to the post authentication tab of whatever realm is set for enrollment. Now inspect the values between the Passcode Length and Passcode Change Interval. These fields have to match with their respective counterpart in the registration method tab.
This is the option from the post authentication tab.
Respectively, this is from registration methods.
- Once all the OTP options are matching, the code should no longer reflect as invalid!