1

Topic: MFA/TFA not working in EE

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): v1.0.1
- Deployed with iRedMail Easy or the downloadable installer? Via the EE installer
- Linux/BSD distribution name and version: Debian 12 (latest)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PGSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? With the EE interface
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I haven't been able to enable MFA/TFA in the EE web interface. When I click on the toggle, it goes on and then off immediately. It does show the QR code and it scans fine, but when you enter the numerical code from the MFA app, it does nothing. I am unsure where to look for logs for this topic; please inform and I will add to this post.


2

Re: MFA/TFA not working in EE

Which web browser and MFA app do you use?

3

Re: MFA/TFA not working in EE

Using Firefox 134.0.2 on macOS 15.x or Linux Pop_OS latest. MFA app is Google Authenticator.

4

Re: MFA/TFA not working in EE

Does it work with Chrome browser?

5

Re: MFA/TFA not working in EE

I don't use Chrome or any derivative of it, I will install it and test...but I really don't want to have to keep it installed to administer this one server.

6

Re: MFA/TFA not working in EE

Solved! I used Safari on macOS to enable it and the MFA works with Firefox for login. So, it only required a WebKit-based browser for the initial enabling of the MFA, but it functions with any browser.

Thank you for your help.

7

Re: MFA/TFA not working in EE

Noted. Will try Firefox later.
Thanks for the feedback.

8

Re: MFA/TFA not working in EE

Now it is back to not working for login with any browser.  Is there a way to disable it from the command line?

9

Re: MFA/TFA not working in EE

docdamron wrote:

Now it is back to not working for login with any browser.  Is there a way to disable it from the command line?

If your system offers SQLite 3.37.0 or a later release, you can disable TOTP with the commands below:

cd /opt/iredmail/conf
sqlite3 settings.db
delete from totp where email='<your-account-email>';

The first two commands are shell commands; the third one is an SQLite SQL command.

If your server has an old SQLite package, you can copy /opt/iredmail/conf/settings.db* (one or multiple files) to another machine which has SQLite 3.37.0 or a later release, modify them with the same commands above, then copy these files back to the iRedMail server.

Make sure the copied files have the same owner/group/permissions.

10

Re: MFA/TFA not working in EE

Thank you, sir.  Much appreciated.

11

Re: MFA/TFA not working in EE

Hi @docdamron,

I can reproduce this issue, and it happens when the server time / clock is incorrect.
Could you please check whether your server time / clock is correct?