Authorization token is invalid?

Comments

23 comments

  • Avatar
    98cr4j

    Logging out and back in again did not resolve the issue for me. Opendns currently has a password authentication disparity -- just because you can log in via the web interface does not necessarily mean that you can a) change your password via the web interface or b) log in via the updater.

    When resetting your password, they say it can be 256 characters long and must have special characters. However, my 32-character password containing the following special characters allowed me to log in via the web interface but said the password was inaccurate when I attempted to change it via the web interface. I assume that's why the updater displayed the authentication token issue to me:

    /?<@#^~-=[;

    Solution: On the login screen, click "Forgot password?", click the emailed link, and select a password with only the special characters they list. I also selected a shorter password. Once I did this, I was able to use the updater without getting the authentication token error message.

    7
    Comment actions Permalink
  • Avatar
    kaza007

    Nice work 98cr4j.

    my password contained an "!" which resulted in the "authorization token is invalid" error.

    Changed it to a "#" on the website and the app and all is well.

     

    3
    Comment actions Permalink
  • Avatar
    friendlydruid

    I don't like to necro a dead thread, but Google brought me here and the same may happen to others. So here is what I did when I got the same error today:

    1) Relogged by clicking "Change Account" and entering my email and password

    2) Completely exited the app, not just minimizing 
    3) Restarted the app

    And that fixed it for me. Hope this helps anybody else stumbling across this thread! :)

     

    2
    Comment actions Permalink
  • Avatar
    gadgets

    Confirmed, it's the special characters which are allowed in the website, but not allowed in the OpenDNS Updater app.

    I changed the password to include only the special characters listed on the website and that worked.

    2
    Comment actions Permalink
  • Avatar
    kesmit239

    Thanks for the tips. Just to add on. My password had several special characters. I changed it to only include "#". After completely closing the app and then restarting and logging in, it still said "Your authorization token is invalid" until I clicked the "Update Now" button. Then the warning went away.

    Mac OSX 10.14.6

    OpenDNS Updater 3.0

    1
    Comment actions Permalink
  • Avatar
    rotblitz

    Did you change your e-mail address or password at the OpenDNS website, but not in the Updater?

    0
    Comment actions Permalink
  • Avatar
    therafescv

    I did not. I tried re-entering my email and password both on the site and on the app, still showing invalid auth token. Any other ideas? Thanks!

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Thanks for the feed-back.  It certainly will help others.

    0
    Comment actions Permalink
  • Avatar
    jpgareri

    This worked for me too.

    0
    Comment actions Permalink
  • Avatar
    enrique.a.garcia

    It worked!

    Thanks

    0
    Comment actions Permalink
  • Avatar
    ayesamson

    I had to do the same as friendlydruid, I clicked change account, entered in my credentials and then terminated the app from the systray. Once I started the app again the error went away. 

    0
    Comment actions Permalink
  • Avatar
    markcb

    None of these steps resolve the problem for me. Any more ideas?

    0
    Comment actions Permalink
  • Avatar
    menno555

    I suddenly had the same here. Followed the advise that gadgets gave but I could not find anything on the OpenDNS page where they list characters. So just did an update of my password (with all kind of characters in it) and now the error is gone.

    0
    Comment actions Permalink
  • Avatar
    markcb

    After taking the suggested steps (clean password characters), it wasn't until I rebooted my PC that the issue resolved for me.

    0
    Comment actions Permalink
  • Avatar
    p.rinode123 (Edited )

    I got an email basically saying that OPENDNS was hacked and that my authorization token was invalid, and I needed to update it. Anyone else get this email? Is it a scam? Thanks. April 22nd, 2020. 

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    I didn't get the e-mail, but I'm pretty confident that this is a scam and maybe a phishing attempt.

    0
    Comment actions Permalink
  • Avatar
    mrjmh

    I also got the email on Apr 22nd. It looks legit to me. Here is the content of the email:

    Umbrella/OpenDNS Dynamic IP Updater Data Incident Notification

    You are receiving this notice as, according to our records, you are a user of the Cisco Umbrella/OpenDNS “Dynamic IP Updater” software. If an administrator contact was available, they are in the CC line of this email. Please see the bottom of this message for account information we have on file.
     
    On 13 April 2020, Cisco became aware that an Umbrella/OpenDNS diagnostics site was publicly accessible. We immediately disabled public access to the site and determined that some log events within the Dynamic IP Updater system were partially visible between March 26, 2020 and April 13, 2020.
    As a precaution, we have taken steps to help protect the security of your account and your action is required to restore full functionality. Cisco is committed to transparency and this communication provides further detail about this incident along with further instructions.


    Incident Analysis
    Upon notification, access to the Umbrella/OpenDNS diagnostics site was immediately disabled and Cisco confirmed it is no longer publicly accessible. After a comprehensive log review, we determined that a limited number of unauthorized users may have viewed log events that included the Dynamic IP Updater API Token.
    This token data could be exploited to review and/or modify Umbrella/OpenDNS configurations and view event history. While Cisco has seen no anomalous API token use within our system logs, we have also taken the precautionary measure of revoking the API token to protect the security of your account. You must follow the API Token Re-Generation instructions below to restore full functionality.
    For reference: The API Token is automatically generated when a new account is created. The API Token does not generally require any action to be taken by a user to manage. In this instance, the Token must be regenerated since the Umbrella/OpenDNS staff revoked your API Token to protect your account’s security.
     
    Action Required: API Token Re-Generation
    Revoking the API token prevents the Dynamic IP Updater client from updating the registered IP address. To restore full functionality, you will need to take the following steps for each instance of the Dynamic IP Updater: 
    1) Open the OpenDNS Dynamic IP Updater client
    2) Click “Change Account”
    3) Sign in again
    Detailed steps are outlined on this page:
    https://support.opendns.com/hc/en-us/articles/227987807-How-to-configure-the-OpenDNS-Dynamic-IP-Updater-Client

     


    Should you encounter any issues or are having difficulty reconnecting your client, please contact Umbrella Support at umbrella-support@cisco.com.
    Please note that if you do not regenerate the API token(s) as described, Cisco Umbrella/OpenDNS will no longer provide expected functionality as the security and content policies will be automatically set to an unconfigured state.
     
    Action Timeline
    Here is a summary of our actions taken:

    Date Action taken
    26 March 2020 Umbrella/OpenDNS diagnostic site became publicly available due to network configuration change
    13 April 2020 Cisco notified about unintended public access to diagnostics site
    13 April 2020 Cisco disabled access to site and began identification of impacted users
    14 April 2020 Further mitigation taken to eliminate possibility of token misuse
    22 April 2020 API tokens revoked; customers notified

     
    Cisco takes any data security incident very seriously and we are committed to quickly remediating such issues. Internally, we are working with the involved teams to assess why this occurred and what steps we can take to avoid a similar incident in the future. We are very sorry for any inconvenience or concern this incident may have caused.
     
    Please contact Cisco by replying to this email or contacting your account team if you have questions or would like to discuss further.
     
    Sincerely,
    Cisco Data Protection team
    We have the installer and related details noted as
    email: <my details redacted>

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    This looks indeed authentic.  It apparently concerns a limited number of users, having the official OpenDNS Updater.  That explains why many did not get this e-mail.  The ones who did should follow the advises.

    0
    Comment actions Permalink
  • Avatar
    noneishere

    had the same problem, i just uninstalled it, signed out from OpenDns dashboard, and then reinstalled it, and it worked.

    hope it works for you too.

    0
    Comment actions Permalink
  • Avatar
    chrisabe

    Another way it was fixed for me was by downloading and installing the client again.

    0
    Comment actions Permalink
  • Avatar
    vtin78

    En mi caso tuve que deshabilitar y volver a habilitar "Enable dynamic IP update"

    después

    Cerrar el programa y volver a abrirlo y listo

    0
    Comment actions Permalink
  • Avatar
    rotblitz (Edited )

    I cannot find this ever been reported before.  Uninstall the Updater and reinstall from scratch to see if the error disappears.

    -2
    Comment actions Permalink

Please sign in to leave a comment.