If you are using Okta Verify for multifactor authentication you may see either:
- Your Passcode Doesn’t Match Our Records, when using the ENTER CODE option
- Failed to Send Push Authentication, when using the SEND PUSH option
The problem is most likely the clocks are not synchronized. There are three clocks to consider:
- Your cell phone
Generally you will want to set your cell phone to sync automatically to your cell service providers clocks which will no doubt be correct to a few milliseconds.
- Your domain controller
Your domain controller should be set to with the Windows Time Service to sync to some atomic clock like the US Military’s or some of the big observatories. For details on this read our short article here.
- Okta’s servers
- Log in to the Access Gateway Admin UI.
- Select the Settings tab.
- Select Advanced.
- Verify that the time is correct.
- If the time is not correct, click Resync.
- Click the refresh button to refresh system time and verify that it is current.
- Test the application to determine if time is synchronized correctly.
The last time we had to deal with this, the user had wanted his cell to run 5 minutes fast and that just isn’t going to work with TOTP (Time-based One-time Password) system like Okta: