Firmware upgrade to V4.62 remove 2FA for admin access

Chris_FL
Chris_FL Posts: 1
edited April 2021 in Security
Hi all,
I have recently activated the 2FA (Google Authenticator) for the admin access, it was working fine.
My USG40 upgraded to the new firmware V4.62 last night, and now the 2FA is gone, it does not ask for the second token anymore.
I checked the admin user settings and it seems that the firmware upgrade has indeed disabled the 2FA.
Anyone else has experienced the same issue?

Comments

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,230  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Hi @Chris_FL

    I upgrade USG40 to V.462(AALA.0) and Enable Two-Factor Authentication for Admin Access with Google Authenticator.

    It works and I found the verification code of Google Authenticator will dynamically change in limited time interval.

    So, if when you would like to type the verification code you should open your Google Authenticator app to see what the current verification code is.

    Following is my cerification procedure:

    Check device information.

    Enable Two-Factor Authentication for Admin Access with Google Authenticator.


    Logout Web GUI and login it.

    Open my Google Authenticator app to see the current verification code.


    Type my USG40 current verification code and can login successfully.



    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community

  • kyssling
    kyssling Posts: 107  Ally Member
    First Comment First Answer Friend Collector Sixth Anniversary
    Can anybody explain me if 2FA Authentication for client support SSL SecuExtender (or must use web login) ?
  • danyedinak
    danyedinak Posts: 51  Ally Member
    First Comment Friend Collector Sixth Anniversary
    Chris_FL said:
    Hi all,
    I have recently activated the 2FA (Google Authenticator) for the admin access, it was working fine.
    My USG40 upgraded to the new firmware V4.62 last night, and now the 2FA is gone, it does not ask for the second token anymore.
    I checked the admin user settings and it seems that the firmware upgrade has indeed disabled the 2FA.
    Anyone else has experienced the same issue?

    Chris_FL I have a number of different USG40 and USG60's that have completely lost the recent configuration changes that I have made during firmware updates. The firmware update process not only reverts to an earlier configuration, but recent backups of the configuration files disappear as well. They can be found again by reverting to the previous firmware version whereupon they must be downloaded to a local machine, the router rebooted with the new firmware, the config file re-uploaded and finally applied.

    My guess is that the 2fa configuration you made was lost as a result of this same problem. If that's the only change you noticed, then reenabling it probably makes the most sense, but, in future, download a copy of the .conf file before the firmware update ... just in case.

Security Highlight