Skip to content

DecryptException error – Mac invalid

By Jasper Frumau

Developing locally I got into issues with Laravel Fortify 2 factor authentication. I often got an error caching issue related to the two factor authentication keys in tandem with the APP_KEY:

PHP 8.2.15
The MAC is invalid.

I did set cache driver to null and CACHE_DRIVER=null then also did php artisan:config:clear besides composer dump-autoload --no-dev but then I got

Class "Barryvdh\Debugbar\ServiceProvider" not found

Reinstalled Debug Bar using composer require --dev barryvdh/laravel-debugbar . Then I did a php artisan config:clear again and removed cookies and local storage. Still seeing the error after adding the two factor authentication code.

Realized I needed to remove/replae the two factor secret key and recovery codes as those were encrypted using a different key, but fortunately found the old API Key and that worked.

Two Factor Codes Update Command

A command to update the key and recovery codes for a user could be something like

namespace App\Console\Commands;
use Illuminate\Support\Facades\DB;
use Laravel\Fortify\Actions\UpdateTwoFactorAuthentication;

class UpdateTwoFactorAuth extends Command
    protected $signature = 'update:2fa {userId}'; // Add the user ID as an

    protected $description = 'Update two-factor authentication for a user';

    public function handle()
        $userId = $this->argument('userId');

        if (!$user = User::find($userId)) {
            $this->error('User not found.');

        if (!$user->hasTwoFactorAuth()) {
            $this->warn('User does not have two-factor authentication enabled. Cannot update.');

        $provider = app(UpdateTwoFactorAuthentication::class);
        $secretKey = $provider->generateSecretKey();
        $recoveryCodes = json_encode(Collection::times(8, function () {
            return RecoveryCode::generate();

             ->where('id', $userId)
                 'two_factor_secret' => encrypt($secretKey),
                 'two_factor_recovery_codes' => encrypt($recoveryCodes),

        $this->info('Two-factor authentication updated for the user!');

Now, when you run this command from the terminal, you can specify the user
ID as an argument. For example:

php artisan update:2fa 1