You may experience that the system does not accept your seemingly valid 2FA code when using TOTP (through an authenticator app).

You can always log in using one of the valid recovery codes that were generated for you when setting up 2FA using TOTP. After logging in, you can disable or reconfigure your 2FA setup.

Below are the reasons why your code may not be accepted:

1. Using an authentication code of a 2FA setup for a different email address.

Make sure that you're using a 2FA code configured for the email address you're trying to login to RushFiles with.

2. Using an authentication code from an already deleted/changed 2FA setup.

In order to avoid this, always make sure that you remove the corresponding 2FA setup from your authenticator app whenever you disable TOTP authentication or change to a different type of 2FA in your RushFiles account.

3. The time is not correct on the device used for authentication.

Make sure that the device the authenticator app is running on (i.e. your phone) shows the correct time. Most devices have an option to automatically synchronize with the correct time for the current timezone.

Keeping the clock synchronized with the timezone on your devices that run RushFiles applications is important for authentication in general.

4. The time is not correct on the RushFiles installation.

As an end-user, if the reasons listed above do not explain why the code may be invalid, please contact your RushFiles provider or use a recovery code as mentioned at the start of this article.

If you're a RushFiles provider, make sure that the time is synchronized on the server that hosts the domainauth.yourdomain IIS site. In case you have a multi-server setup, this site will be on the backend server. Keeping the clock synchronized with the timezone on your server is important as a synced clock is also important for authentication in general.

Visit our 2FA FAQ or our articles about it aimed at end-users, company administrators, and reseller administrators to find more information about 2FA.