2FA Code Not Working? How to Fix It

If your authenticator app is producing codes but the site keeps saying they are wrong, the cause is almost always the same: your device's clock is slightly off. TOTP codes are generated from the current time, so even a 30-second drift makes every code invalid. Here is how to fix it — usually in under a minute.

The #1 cause: your clock is out of sync

TOTP — the standard behind Google Authenticator, Authy, and 2FAA — combines your secret key with the current time in 30-second steps, and the server does the same math. If your phone's clock drifts even slightly from real time, your codes will not match, even though the app looks like it is working perfectly. Fixing the time fixes the codes.

Fix the time on your device

Device	Steps
Google Authenticator (Android)	App → menu (⋮) → Settings → Time correction for codes → Sync now. Re-syncs just the app, not your phone clock.
Android (system)	Settings → System → Date & time → turn on "Set time automatically".
iPhone / iPad	Settings → General → Date & Time → turn on "Set Automatically".
Windows	Settings → Time & language → Date & time → "Sync now".
Mac	System Settings → General → Date & Time → "Set date and time automatically".

Other reasons a code gets rejected

Cause	Fix
Code expired mid-entry	It changed while you were typing. Wait for the next one and enter it quickly.
Wrong account	You have several secrets and copied from the wrong one. Match the issuer/label.
Spaces or a missing digit	Enter all 6 digits, no spaces.
It is actually a backup code	Backup codes go in the "backup code" field, not the authenticator field.
8 digits or non-30s period	Rare, but some setups differ. Re-check the original 2FA setup.
Reused code	Many services reject an already-used code. Wait for the next one.
Server clock / outage	Occasionally it is the service's side. Try again in a few minutes.

A 30-second checklist

Set your device clock to automatic (on Android, also run Google Authenticator's "Time correction").
Confirm you are reading the code for the right account.
Enter all 6 digits with no spaces, and submit before the timer runs out.
If it still fails, generate the code in 2FAA — it uses your browser's network-synced time, which sidesteps device drift entirely.

Codes that always use the right time

2FAA generates TOTP codes in your browser using accurate network time, so clock drift is one less thing to debug. Free, private, no install.

Open 2FAA How TOTP works

FAQ

Why does my authenticator say the code is invalid?

The most common reason is that your device's clock is slightly off. TOTP codes are calculated from the current time in 30-second steps, so even a small drift makes every code mismatch — even though the app looks like it is working. Setting your clock to automatic almost always fixes it.

How do I fix time sync for Google Authenticator?

Open Google Authenticator, tap the menu (⋮) → Settings → Time correction for codes → Sync now. This re-syncs the app's internal clock without changing your phone's system time. On other apps, just set your device date and time to automatic.

Do 2FA codes expire?

Yes. A standard TOTP code is valid for 30 seconds and then a new one replaces it. If the code changes while you are typing, the one you entered may already be expired — wait for the next code and submit it quickly. Most services also accept the immediately previous code for a few seconds to allow for this.

Can I use the same 2FA code twice?

Usually no. Many services reject a code that has already been used, even if it is still within its 30-second window, to prevent replay attacks. If a login fails and you retry, wait for the next code rather than re-entering the same one.

The time is correct and it still fails — now what?

Check that you are reading the code for the right account, that you typed all 6 digits with no spaces, and that you are not entering a backup code in the authenticator field. A few accounts use 8-digit codes or a non-standard period; if so, re-check the original setup. If nothing works, the secret may be wrong — re-enroll 2FA on the account.