The most common reason 2FA is invalid is because the date or time is not set up correctly on your device.
To fix this, for Google Authenticator on Android, please follow the steps below:
- Open Google Authenticator app
- Go to Settings
- Click on Time correction for codes
- And click Sync Now
If you're using iOS, please follow the steps below:
- Open your device's Settings
- Go to General > Date & Time
- Turn on Set Automatically and allow your device to use its current location to determine the correct time zone
My time is correct but I'm still getting invalid 2FA:
If your time is set up correctly and it's in sync with the device you're trying to log in from, you could be getting invalid 2FA because you're not entering the 2FA for the platform you're trying to log into. For example, if you also have a Testnet account with 2FA and you're accidentally trying to use that code to login to BitMEX mainnet, it will be an invalid 2FA code.
If that's not the case, please have a look at What if I lose my 2FA? article to see what you can do to get it disabled.