Support » Plugin: Keyy Two Factor Authentication (like Clef) » Keyy & JetPack Protect “Conflict”

Keyy & JetPack Protect “Conflict”

  • Resolved LisaBurger

    (@lisaburger)


    5 years ago

    I ran into an issue with my testing of Keyy.

    In addition to whatever 2FA plugin we use (currently Clef), we also install JetPack with the Protect module turned on. Protect, formerly BruteProtect, uses crowd-sourced information to block known IPs of botnets from even reaching the login page. It’s nice!

    Apparently JetPack/Protect also adds a “Prove Your Humanity” math-style captcha to the login page at times. With Clef, you could hide the login fields (user/password) and this captcha completely from the login page.

    I ran into a situation where the Prove Your Humanity field popped up in the Keyy/WordPress login form. I didn’t fill it and I locked myself out of the site, even when using the Keyy app and QR code.

    Of course, now I cannot reproduce this to show you a screenshot…

    I know this is an early beta and I’m thrilled this project is happening! Ultimately, I would like to see Keyy, once setup, completely override the default login form (unless you use the override URL). As someone who manages a lot of WordPress sites, the easier I can make it for my users, the better! If they use a username/password field, they will use those and forget about the Keyy app…and if this math captcha appears, all bets are off.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter LisaBurger

    (@lisaburger)

    5 years ago

    Spoke to soon…here’s an example:
    Keyy login with JetPack captcha

    If you remember to enter the math captcha before scanning the QR code, you often get the error: “The Keyy scan did not succeed. Please try again.” Note, I can’t tell if this is a Keyy issue independent of this captcha or not, as sometimes you can login.

    If you forget to enter the math captcha, you get taken to a separate screen to enter the math captcha and then redirected back to the login screen.

    Either way, it’s confusing!

    • This reply was modified 5 years ago by LisaBurger.
    • This reply was modified 5 years ago by LisaBurger.
    aporter

    (@aporter)

    5 years ago

    Hi,

    Sorry for the delay can you use the “report a problem” feature in the app so that we can get the log file from the device.

    This should allow us to check if it’s the app that is the issue or if there is a conflict between the two plugins.

    Best Wishes,

    Ashley

    Thread Starter LisaBurger

    (@lisaburger)

    5 years ago

    Will do. Thanks, Ashley.

    David Anderson

    (@davidanderson)

    5 years ago

    Hi Lisa,

    You will want to fill in any other elements of the login form that are necessary before the Keyy scan. It’s basically impossible for Keyy to know which other elements that other plugins may have added are absolutely required. As such, the user has to make up the distance, by filling those in first.

    David

    David Anderson

    (@davidanderson)

    5 years ago

    I’d also say that, if using Keyy, then you may as well turn off JetPack Protect. (I used + loved BruteProtect, BTW… I suggested the original idea for it; someone else on the mailing list then did the hard work to create it: http://wordpress-hackers.1065353.n5.nabble.com/Limit-Login-Attempts-tt41123.html#a41142 ). If all the logins on the site are protected by Keyy, then JetPack won’t be able to refuse any logins that Keyy isn’t already refusing.

    David

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Keyy & JetPack Protect “Conflict”’ is closed to new replies.

Views