News:

On Tuesday September 6th the forum will be down for maintenance from 9:30 PM to 11:59 PM PDT

Main Menu

Enabling hardware token 2FA (FIDO / U2F) breaks Google Voice

Started by ThomasMore, June 14, 2021, 10:08:02 AM

Previous topic - Next topic

ThomasMore

Hi,

I've been using an OBi200 with a Google Voice account for years. and it has generally worked well. I recently switched 2FA on for the Google account, enabling a hardware token (FIDO / U2F). This works fine for web access, but it seems to have broken the OBi GV functionality. I can't be sure that that's what's going on here, but nothing I tried got GV working again (including multiple reboots and deleting the entire SP1 configuration and recreating it by going through the Google app authorization flow again), until I disabled 2FA, at which point GV promptly came back to life (after a reboot).

From browsing this forum, I had the impression that 2FA should not prevent the OBi from working with GV. Can anyone help? Thanks.

SteveInWA

That is a complete coincidence.  OBiTALK devices work fine on Google accounts that use FIDO U2F keys, and you get a gold star for using them and protecting your security.  Your FIDO key will be required for your to sign into your Google account, but OBiTALK devices are not signing into your account.  They are only granted (by you, during setup) access to the Google Voice service on your account.  The device exchanges encrypted tokens with Google to access the service.

There was a massive outage this weekend caused by a server authentication issue, which was resolved last night.  The error message references a "token error", which could confuse people into thinking it was their FIDO token.

If your device is still not working, then I recommend that you follow my instructions, here:

https://www.obitalk.com/forum/index.php?topic=13868.msg89076#msg89076

ThomasMore

You may be right - I re-enabled 2FA, rebooted, and GV is still working. Let's hope it stays up ...
Thank you.