Skip to main content
Invalid OTP Code

Hackers: Troubleshooting instructions for invalid codes from Google Authenticator

Updated this week

Why is my OTP code invalid?

When signing in to your HackerOne account using two-factor authentication, your OTP code generated on Google Authenticator may be invalid. If you run into this issue, it may be because your device time differs from the HackerOne system time by more than 90 seconds, which will result in the generation of the wrong code.

The time discrepancy may occur because:

  • You set your phone time settings manually and it later switched to automatic (or vice versa)

  • Your device switched NTP servers (a server used to sync clocks in networks)

To fix the issue, set your clock settings to sync automatically:

Android Users

iOS Users

On your Google Authenticator app:
1. Go to Settings > Time correction for codes.
2. Click Sync now.

On your iPhone:
1. Go to Settings > General > Date & Time.
2. Enable Set Automatically.

Did this answer your question?