Locked out by RDM Two-Factor
68 views
Skip to first unread message
Gaelan Steele
Jun 8, 2024, 11:43:29 AMJun 8
to 'Adam Stead' via A gathering place for the Open Rail Data community
Hi all,
Tried to log into the Rail Data Marketplace a few days ago, only to be faced by a two-factor authentication prompt. Honestly I’m not sure if I ever set 2FA up, but I certainly don’t have any TOTP codes stored - no clue if something funky happened on my end or theirs. Unfortunately, I don’t see any way to recover from this (the “forgot password” flow works, but only resets my password, leaving the 2FA prompt in place). I sent a support ticket, but haven’t heard back in two days.
Has anyone else faced this issue? Is there anything I can do beyond hope for a response from the support people?
Gaelan
Tried to log into the Rail Data Marketplace a few days ago, only to be faced by a two-factor authentication prompt. Honestly I’m not sure if I ever set 2FA up, but I certainly don’t have any TOTP codes stored - no clue if something funky happened on my end or theirs. Unfortunately, I don’t see any way to recover from this (the “forgot password” flow works, but only resets my password, leaving the 2FA prompt in place). I sent a support ticket, but haven’t heard back in two days.
Has anyone else faced this issue? Is there anything I can do beyond hope for a response from the support people?
Gaelan
David Wheatley
Jun 9, 2024, 6:28:33 AMJun 9
to A gathering place for the Open Rail Data community
Hi Gaelan,
I think that we were forced to enable TOTP 2FA a month or two ago — it wouldn't let us get past login otherwise. This mandatory 2FA only appears to apply to users with admin/financial access within the organisation, so a secondary user solely with access to data wouldn't be affected.
We didn't have it enforced like this, however, with the website randomly creating 2FA without asking you!
I hope you get a helpful response from the support people. I'd like to think they'd be able to sort this.
David
Paul Kelly
Jun 9, 2024, 8:18:46 AMJun 9
to openrail...@googlegroups.com
On Sat, 8 Jun 2024 at 17:43, Gaelan Steele <g...@canishe.com> wrote:
Tried to log into the Rail Data Marketplace a few days ago, only to be faced by a two-factor authentication prompt. Honestly I’m not sure if I ever set 2FA up, but I certainly don’t have any TOTP codes stored - no clue if something funky happened on my end or theirs.
Exactly the same thing happened to a colleague of mine. I had put it down to human error (somehow missing the prompt when the 2FA details were first shared), but now having heard that it's happened to someone else, I am more suspicious...
We have a BR Fares organisation account with several different users. I was the first user to set up 2FA, and experienced it as David described with the 2FA details clearly shared. But the second user does not remember seeing any 2FA details being shared until being suddenly faced with the prompt for a code. I am wondering if a similar situation could exist with you? In particular,
I sent a support ticket
How were you able to send a support ticket if you can't log in? Do you have another account?
Maybe I am totally on the wrong track; was just a hunch. In our case I (who had my 2FA credentials stored) logged in and sent a message on behalf of the locked out user, and someone from RDM got in touch and arranged a video call to prove identity and set up the 2FA properly. A slow, clunky and labour-intensive process, but it worked.
Paul
Gaelan Steele
Jun 9, 2024, 8:21:25 AMJun 9
to 'Adam Stead' via A gathering place for the Open Rail Data community
On Jun 9, 2024, at 1:18 PM, Paul Kelly <pa...@brfares.com> wrote:How were you able to send a support ticket if you can't log in? Do you have another account?
It’s possible to file a support ticket without an account: the form at https://raildata.org.uk/helpAndInformation/contactSupport only insists that you sign in if you state that you have an account and are able to sign in.
Gaelan
Reply all
Reply to author
Forward
0 new messages