Skip to main content



How can we help you?


Druva Documentation

Multi-Factor Authentication failure with invalid security token error

Heads up!

We've transitioned to a new documentation portal to serve you better. Access the latest content by clicking here.

This article applies to:

  • Product edition: CloudRanger

Problem description

After providing a token to an authenticator app, such as Google Authenticator or Microsoft Authenticator, CloudRanger administrator fails to set a multi-factor authentication (MFA). The configuration fails with the below error:

An error has occurred: Invalid security token.


Due to a time mismatch between the authenticator app and the public server, the token generated from the app after scanning the QR code from the admin console becomes invalid by the time you supply it on the CloudRanger administrator console. 


Sync the time of the authenticator app with that of the public server.

  1. Go to the main menu on the Google Authenticator app.
  2. Tap More Settings.
  3. Tap Time correction for codes.
  4. Tap Sync now.

On the next screen, the app confirms that the time has been synced, and you should now be able to use your verification codes to sign in.

 The sync only affects the internal time of your Google Authenticator app, and does not change the Date & Time settings of your device.