2FA on Mobile

I appreciate the fact that you offer two factor authentication but the implementation and how it plays out on mobile forces you to login with a one time password which can only be created on a pc.  To resolve this, implement a text message based notification so you can get a randomly generated one-time code to enter after you input your regular password.  This would provide 2 authentication points but would require a phone number.  I was locked out until i could get back to my laptop so i've had to disable 2FA due to the implementation

0
3 comments
Spot On Innovative Approach Stellar Advice
Avatar
Hello Michael! Thank you for sharing your experience with us.
 
I understand that enabling 2FA for the mobile app would make the process quicker, but I wanted to share the logic behind why it isn't available. 2FA for mobile apps sends a code to the same device (the same phone where the app is installed), which defeats the security purpose of using two different devices in each step in case you have both apps installed on the same device. Maintaining the security of this approach would require you to carry two phones every time you need to access the app on one, which deems it impractical. Besides, you really only need to sign in to your Wrike mobile application once. The session is interrupted when you log out.
 
As long as you stay signed in on your phone, you do not need to use a one-time password. Your login sessions in Wrike mobile and in Wrike browser versions are independent. 
 
That said, I wanted to mention that disabling 2FA is not required to generate a one-time password. You would first need to sign in to your Wrike account on your desktop browser, and using the authentication app, generate a one-time password, and use it to sign in to your Wrike mobile. 2-step verification implementation is not broken in this chain. 
 
Please let us know if this wasn't the case for you, or if you face any other problems with accessing your Wrike Mobile or Desktop browser application, always glad to help you.

Valentine Community Team at Wrike Become a Wrike expert with Wrike Discover

2
Comment actions Permalink
Spot On Innovative Approach Stellar Advice
Avatar

Hi Valentine + wrike team,

 After about a month of being locked out of my clients Wrike portal on my mobile, I finally found this knowledge base article.

While the logic here makes sense, there is zero indication that this is the expected.  Neither the process of setting up two factor nor (more importantly) the text once it is completed mentions that when logging into mobile you will need to complete the two factor part on a desktop.

Furthermore, what is most frustrating is that the error message in the mobile app is "access denied, please contact your Wrike administrator"

This led me on a four week adventure trying to contact my clients Wrike administrator only for them to tell me there is nothing from their end wrong with my account.

Having a stronger indication of how two-factor should work would be a great CX improvement. While I respect that you are adhering to strict two-factor principles, it is not the way most people interpret this functionality (and indeed the very act of setting up a token based OTP auth seems to reinforce user expectations in this regard) and not have any mention of the "proper" mobile auth process is frustrating.

0
Comment actions Permalink
Spot On Innovative Approach Stellar Advice
Avatar

I have the same message :  "access denied, please contact your Wrike administrator",  there is any instruction to solve this? 

0
Comment actions Permalink

Folllowing List for Post: 2FA on Mobile
[this list is visible for admins and agents only]

Didn’t find what you were looking for? Write new post