Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error code: 2001 #17

Open
vanndigital opened this issue Sep 22, 2019 · 5 comments
Open

Error code: 2001 #17

vanndigital opened this issue Sep 22, 2019 · 5 comments

Comments

@vanndigital
Copy link

Describe the bug

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'WP Admin Dashboard'
  2. Click on 'SEO Extension Manager'
  3. Scroll down to 'the bottom of the SEO Extension Manager page'
  4. See error

Expected behavior

I'm getting this error message:

"Error code: 2001 — An error occured while verifying the options. Security keys have likely changed and enabled extensions are now inactive. If this error keeps coming back, please disconnect your account and try again."

Screenshots

Additional context
@sybrew
Copy link
Owner

sybrew commented Sep 23, 2019

Hello @vanndigitalnetworks!

This issue may happen when you update your wp-config.php AUTH keys, or when you change domains.

To resolve this, please hit the disconnect button under "Account and Actions" (you may need to scroll down) a few times until you're kicked back to the activation page. Then, you can reconnect. Reactivate the extensions you wish to use, and you're all set!

No extension-settings will be lost in this process.

If you're still facing issues, let me know! Cheers 😄

@vanndigital
Copy link
Author

But that's just it, I haven't changed anything (wp-config.php AUTH keys nor domains) I don't think.

But I'll see what happens today then reply if it happens again...

@vanndigital
Copy link
Author

So I've since uninstalled this plugin because I got tired of having to disconnect it then reconnect it every few days because of this same error...

@sybrew
Copy link
Owner

sybrew commented Oct 2, 2019

I completely understand your frustration!

Do you have a "security" plugin activate with an option enabled that changes the authentication/nonce/salt keys? These are the keys I am mentioning: https://api.wordpress.org/secret-key/1.1/salt/.

If you can find and disable that option, the error should no longer pop up.

Changing the keys is a useless "security" feature, and you can safely disable it and leave the keys as-is for an eternity. Below follows an explanation, which only scratches the surface.

Those salt keys are best kept a secret, but even if they leak out, it's not an issue. This is because developers must adhere to a strict security framework where those keys are only meant to prevent rainbow table (database) lookups. They're only one part of a giant puzzle.

Even when someone were to obtain or reverse-engineer the keys, it'll take them a few billion years to create the required nonces from the keys. Even if they are successful in that, they must still obtain your session tokens (cookies); I bid them good luck with that. Again, the keys are only there to prevent crackers from creating a database of results--which, again, will only be a part of the imposed security framework and that would still not allow them to hack your site.

I condemn "security" plugins making a living from creating bespoke fear on subjects not well understood.

@vanndigital
Copy link
Author

VaultPress is the closest thing to a security plugin I use...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sybrew @vanndigital