DUO Mobile provides invalid code, and eventually results in lock out


#1

Hey People,
DUO mobile is giving an invalid code.
I have a user who has an iPhone with iOS 8.1.1 (I don’t suspect this is the cause; many people have different iOS using DUO)
DUO mobile is on this device and is activated to provide 6 digit code for VPN access.
Domain username and password is not the issue since they are able to log in and out of resources.
The only way to access the VPN is to use a DUO Bypass Token or Bypass their account indefinitely.

This is the second time this has happened. The first time happened a couple of months ago and has been reinstalled and reactivated since then. It seems to be reoccurring.

ALSO,
In my administrative DUO management console, when this user logs in using the bypass token, it doesn’t show an IP address from the accessed location. It only shows 0.0.0.0 similar when user’s fail their attempts to login.

Please, I am in need of some insight on how to resolve this issue.

Thanks
Steve


#2

Hi Spak,

Are they able to receive Duo Push notifications and approve them to authenticate from the device? Can you verify their phone shows as activated? Does reactivating it again resolve the issue?

As for the 0.0.0.0 issue, this KB article explains why this happens: https://help.duo.com/s/article/2302.

If this doesn’t resolve your issue or you still have further questions, please contact our Support Team so they can troubleshoot your issue further.

Thanks!


#3

In my experience, this can happen when the clock on the mobile device isn’t correct. Does the iPhone have a setting to synchronize its clock either by NTP or with the mobile provider?

Sarah


#4

Sure thing. Navigate to Settings > General > Date & Time, and make sure “Set Automatically” is enabled. This step is our part of our iOS Push troubleshooting guide.