Topic: Still stuck... (Read 364 times)

If someone loses the 2FA to their account, then generally the only way to have the account unlocked is contact the exchange and go through their recovery process, which usually involves verifying your ID. If it were any easier than this to remove the 2FA without having access to the account, then the 2FA doesn't provide any additional security, since an attacker could just request for it to be disabled.

If your uncle's accounts are locked with 2FA, and no one can access the 2FA, then your only other option is to contact the exchange in question and provide the legal documents they request as I explained in an earlier post in this thread.

This is all assuming those 16 digit "secret keys" are indeed his 2FA back up codes, but there is nothing else they really could be.

You cannot reset his 2FA or generate any new back up codes without first having access to his accounts.

HI again,

I can't thank you enough for all your help again.  This has been an interesting journey so far and ive learned so many things i never knew before.  I have read your comments religiously and tried everything to the best of my ability but i realize something is still not working - i'm not too sure if it ever will, being honest. I broke the secret key apart last night - making sure that the letters can not been mis read or mistaken but i'm confidant its ok and clear.   This has become a personal quest i want to beat regardless of any value at the end at all.  It's not about that.  I want to continue it. 

Can i personally ask a few questions though? What is there was no Secret key?  What if i didn't have that piece of paper with those details at all? Would this have been impossible then?

I watched loads off You Tube videos on back up codes.  Loads of them!!  Can i try to to access those codes?  Would they aid me? If so, would that generate a new secret key?

Thank you for all your help. I know i wouldn't have got this far with out you.

K

Should you @OP be having the 16digit codes correctly which comes mainly all in upper case, you shouldn't be experiencing q lot of difficulty as you seem to specify. It simply should work on any device at all.

All that is expected of you is to download and Authenticator app and then, using your 16 digit code to import the authentication sequence for a specific account though, having 2 variant codes code mean an error for you because, each could belong to a separate wallet and you can interchange then so, I suggest you do a trier and error move towards each. What I'm saying in essences is,

Let's say, you've got account 1&2 and it's 16 digit verification code for importing the sequence on Google Authenticator. You,
1. Proceed with the import
2. Synchronise your Authenticator time to be the same with your device and then
3. You login to the accounts 1&2 individually and try the 2fa codes generated on both at intervals.

Repeat the same procedure on both accounts while using 16 digit verification codes 2. This is just to ensure that, there isn't a swap so, its a giving the benefit of the doubt kind of thing.

According title wording I would assume these are API keys (not 2fa backup codes). But it's weird they are single strings (these should come in pairs) and 16 chars is quite short ... so I guess this is not a valid point.

last desperate hints:
Maybe your uncle mistakenly swapped those two backup codes. Try using 6 digit code generated from bittrex backup to login into coinbase.
In past I had 2fa sync issues on my old device. Couple times worked using the expired 6 digit code. Try writing down current 6 digits, wait till new set of digits is generated and try to login using the old ones.

Did you compare the generated codes on both devices at the same time? The generated codes are temporary and change every 30 seconds or so. If you get different codes then one or both your devices are out of sync (assuming you you imported the correct secret key).
Since those codes are temporary, you have to enter the generated code on bittrex, or whatever service you want to access, before it expires or it will become invalid.

Thank you for your help. Sadly none of it worked.

Have you tried using these new 6 digit codes generated by your second device to access the accounts in questions?

It shouldn't make a difference since they are Base32 strings, but I suppose it depends if you are using a buggy app. I have always seen them displayed as all uppercase, though. On Aegis, it doesn't matter if you enter lowercase or uppercase, they both generate the same 6 digit codes.

Hey!

I did what you advised and both devices showed 6 different numbers. So there has to be an issue with the 16 digit secret key.

Does the 16 digit key need to be in capitals or lowercase?

Thanks again.

I am referring to your 16 character, alphanumeric, 2FA back up codes. If they are incorrect, then your only option is to contact the exchange and explain the situation. If they are correct, but you are somehow importing them incorrectly or are out of sync and are generating the wrong 6 digit 2FA codes, then importing them with different software on a different device or asking someone else you trust to import them, and seeing if the 6 digit codes they generate match the 6 digit codes you generate, will reveal if you are doing something incorrect.

Hi. Thank you for getting back to me about this again.  How would i find these codes you speak off?  we are relaying on the secret key, being honest.

Hi again. I remember all your previous threads. It seems like you have followed all the right steps but are still unable to access his accounts unfortunately. It sounds very much like you have the incorrect keys. Perhaps your uncle reset the 2FA on his accounts after making those back ups and failed to update his back ups.

There are two possibilities here. The first is back up codes are actually correct, but are generating out of sync 6 digit codes for you. Have you tried restoring them on different apps? Have you tried restoring them on different devices? If you like, you can PM me one of the back up codes and I can restore to see if the 6 digit codes I generate match the codes you are generating. (I can provide a PGP public key if you wish to encrypt them first if you know how to do this, although there is very little someone could do with the 2FA back up code only, not knowing your uncle's account name, email, or password).

The other possibility is as I said above: The codes are incorrect. If that is the case, then the only possibility you have for gaining access to the accounts is to email Bittrex and Coinbase, proving legal documentation that your uncle has passed away and you are the heir to his coins, and then complete KYC to prove your identity, and hope that they unlock his accounts for you.

Hi again. Thank you so much to everyone for entertaining this again. I really appreciate it.  You have no idea how much.  I have pulled out the codes and went through the characters to confirm they are clear and correct. They are clear as day. The title he used above the key was underlined Bitrexx Secret Key. It is very frustrating.

That clearly means that you entered a wrong secret key.
There's a probability that the secret key you entered belongs to another account. Try to find the correct secret key.

Krytokee, as shown in the screenshot posted by BITCOIN4X, if you don't have access to the correct 2FA code, there is no way to access the account. Because you won't be able to verify the identity.

If the OP can't recover it with that secret key, then that mean he lost 2FA. I'm trying to get some information on how to recover a forgotten or lost 2FA that caused the OP to be unable to access his account on the bittrex exchange. Here are some answers from my livechat with them regarding the OP's problem. I hope this helps.

---

Try reading this: https://bittrexglobal.zendesk.com/hc/en-us/articles/360009686919-Error-codes-Troubleshooting-common-error-codes

When I go to input the 6 digit code generated from the Google Authenticator once I enter the email address and password I keep getting the following message:

"The two-factor authentication code you specified is incorrect. Please check the clock on your authenticator device to verify that it is in sync."

I then sync the time and everything looks fine, yet I still keep getting the same message each time I try to use the codes generated by the authenticator.

Thank you to everyone for their support.

No, you can do this on your own phone\device.
Do you have any experience how 2fa works? Any of your logins already secured by 2fa?

1 - Open google or any other 2fa app you are using.
2 - Add (import) those codes
3 - When you want to login into secured account you have to enter the 6 digit number provided by this 2fa app (this number is changing every minute)

No, Google authenticator has nothing to do with google account.
The 2FA code you need to enter for logging to your account is backed up by your secret key.
As already mentioned, install Google authenticator or Aegis and import the secret key into the application. That's all you need to do.

As OP said, he/she has the secret key and that's enough for restoring the 2FA code.

Unfortunately there are still a lot of people out there who ignore the message about wills if they have asset that are still safely tucked away in their wallet or on an exchange account. What the OP has experienced so far should probably be a valuable lesson for all of us who have some money in bitcoin or altcoin and it is time for us to think about that will.

OP, when you are asked to fill in 2FA on the exchange you want to access, do you have the "forgot 2FA code" or "forgot password" option?
If you have that option, you may need to access your email or whatever next steps the exchange directs to recover a forgotten code or password.

Yes, and it should be set in a login state whereas you are currently unable to login to that account due to missing 2fa (I read your old thread). I am not a user of both exchanges, generally you will be asked to do KYC verification to delete 2fa. No other way.

I'm just curious about those 12 and 24 word phrases and 2 exchanges, if it's kept by your uncle it should be the key to access or recover something. You don't have to give it to anyone else. It is enough to search for information on each exchange's help, FAQ or suppport pages with the keyword "phrase 12 or 24". If it's a recovery code for 2fa, I'm not sure it can be used in any 2fa app. Try downloading some 2fa apps like G-auth, authy, aegis, or others. Maybe it will work for one of them.

Please forgive me.  I really don't mean to annoy anyone. Do i need to be logged into my uncles Google account to do this though?