How Can I Login To Mobile App?
I got a new phone today, and I installed the Astiga mobile app. This is Android. I am prompted for email address and password, and I entered both correctly. I cannot login. I get a message stating make sure I enter my token; however, there is absolutely no place to enter my two-factor auth token. There is zero input for it. How do I login?
Comments
The mobile app does not support two-factor authentication. Enabling it means you will never be able to login. Ever.
Hi - you use the token where you would otherwise place the password.
As it says on the settings page (maybe we should re-word):
If you use the Astiga app, or any third-party app, you cannot login using your password if two-factor authentication is enabled. Instead, please use the token as listed on the apps page instead.
So, replace the password with the token on the https://play.asti.ga/apps page and it should work (it did for me just now).
I've reworded this to:
In the Astiga app, or other third-party apps, you must use the token instead of your password if two-factor authentication is enabled. Your token can be found on the apps page. Use it in place of your password wherever the app asks for a password.
Hopefully that's clearer?
This is different from the web login page where I enter:
Email
Password
token
The mobile is showing:
Email
Password
I was not aware that instead of Password, I must enter the current token. I think it would be much more clear and simple to simply display all three just like the web page login does.
Once you are logged in to the mobile app, you may then enable two-factor authentication. The app will allow you to continue to be logged in. This is the reason I never noticed this issue before. I logged into the mobile app entering email and password only and turned on two-factor auth after logging in.
Having a consistent login would be ideal.
Like most people, I use a password manager to generate strong passwords. Replacing a strong password with a time-based six digit entry in my case is exponentially weaker than my current strong password alone. Turning off two-factor login for me is stronger than having it on for the mobile app. This does not apply to the web page and forum login. These logins require both password and time-based token.
That's understandable. But if you were to use the password with 2FA and you had to provide an authenticator code, would you expect this to come from an authenticator app on the same device?
Considering I use Authenticator Pro installed on all of my Android devices, no. I have the app installed on four devices simultaneously, and I use this app on all of these devices.
Thanks. I think this somewhere where we can make improvements.