7 replies

Cannot verify TOTP after successfully setting up 2FA, getting `INVALID_TWO_FACTOR_COOKIES`

I can successfully enable TwoFactor, show the QR and backup codes, and verify it with a generated code. This sets

twoFactorEnabled

twoFactorEnabled

TRUE

TRUE

for the user.

However when that user later logs out and back in, and needs to verify their 2FA TOTP code, I get this error

INVALID_TWO_FACTOR_COOKIES

INVALID_TWO_FACTOR_COOKIES

. No two factor cookies are being set anywhere, and I have tried to log them but they aren't generated by the enable nor verify TOTP in my

totp/setup

totp/setup

routes.

What could be the issue? Thank you.