On Wednesday the 18th I installed the App Two Factor TOTP Provider in Nexcloud 13… At the beginning I was still enthusiastic, but in the background, invisibly for me problems were approaching.
I already wrote the following text on Wednesday evening.
I’m a little at a loss. This morning I set up Nextcloud locally and created a user. To better secure the accounts, I installed the newcloud app Two Factor TOTP Provider and set it up for the user and the admin. For this purpose I use a YubiKey NEO with NFC in combination with the Yubico Authenticator on my Nexus 6P. I have been using this for more than two years now. What I noticed once I logged out, I had to use the second factor again and again when logging in.
Just a few minutes ago, I clicked into an open browser window where I am logged into GitHub. There it was written that I had to check my security settings immediately, otherwise my account would be blocked. Then I should reinstall two-factor authentication. I wanted to do everything like this, Yubico Authenticator didn’t want to create the same account a second time, so I cancelled. In the meantime everything seems to be all right again.
Unfortunately, I now also have to log in to GitHub again with the 2nd factor each time I log in. Usually this was only the case when I logged in on another device. If I repeatedly logged on to the same device, I never had to repeatedly enter the second factor.
For safety’s sake, I have undone the only change or innovation of the last few days. I uninstalled the 2FA from Nextcloud. I’ve worked in IT for 30 years, but I’ve never been that nervous.
So, I got fired from Google and now I always have to sign up with the 2nd factor. I changed passwords at Google and GitHub. I got kicked out on Twitter too, but I log in with GitHub, then it’s normal.
I have not yet had any contact or communication with GitHub about this problem. But in my own research, I discovered this in GitHub’s logs, which confirms my suspicion that Nextcloud or the app Two Factor TOTP Provider caused the problem.
I have a dial-up connection and the IP addresses are no longer valid.
As you can see from the logs, contacting the GitHub app seemed to be the trigger. Maybe not so many users of Nexclout have an account with GitHub at the same time, except for the developers here, of course. That’s why I think it’s possible that this problem could affect someone else.
With kind regards Michael