0xbb / otp-authenticator Goto Github PK

Currently, it is possible to scan a QR code twice and add duplicate entries. The codes are exactly the same. The app should prevent this.

Hello! I want to contribute on your project with making logo design. What do you think about it?

Arslan Şahin
Graphics Designer

It seems this app uses credential storage. However, this has some (unintended?) results.

If a entry is added to the authenticator, it prevents the device from disabling the lockscreen (the option states "Disabled by administrator, encyption policy, or credential storage")

One can use "Clear credentials" under the Security settings to clear these, but that also clears all entries added to the authenticator.

This is quite unfortunate.

When I perform this sequence of events, the scroll list on screen goes back to the top:

1. Scroll Down
2. Orientation Change

This will be obsolete when implementing #10

If a wrong QR Code is scanned, nothing happens.
Sometimes I try to scan a HOTP QRCode. Nothing happens. I am sitting and waiting and wondering, till I realize it was not TOTP.
A popup telling me "This is no valid QR Code. We only support TOTP" would be great.

When I perform these sequences of events, the dialog on screen disappears:

Sequence 1:

1. Click on More...
2. Click on About
3. Orientation Change

Sequence 2:

1. Long Click on item in list
2. Click on Rename
3. Orientation Change

Sequence 3:

1. Long Click on item in list
2. Click on Delete
3. Orientation Change

I have problem connecting to camera, the message is: Sorry, the Android camera encountered a problem. Still error after restarting the device.

My device is Moto G XT1033

Hello, we are a group of researchers that investigate the occurrence of flaky tests in Android.

We voluntarily ran your GUI tests 12 times and found that some tests pass or fail non-deterministically, which characterizes them as flaky tests [1]. Below we list each flaky test we found, and its number of failures.

• test005EditMode - failed 10 times (stack trace)
• test008Delete - failed 8 times (stack trace)
• test002NocodeScanned - failed 2 times (stack trace)
• test003AddCodes - failed 2 times (stack trace)
• test003CodesChange - failed 2 times (stack trace)
• test004Rearrange - failed 5 times (stack trace)
• test005RenameCancel - failed 3 times (stack trace)
• test006Rename - failed 3 times (stack trace)
• test007DeleteCancel - failed 2 times (stack trace)
• test001InvalidQRCode - failed 1 time (stack trace)

We ran these tests on a generic Android Emulator (AVD) with Android API version 28.

If you confirm this behavior, our suggestion is to add the @FlakyTest annotation on these tests. See https://developer.android.com/reference/androidx/test/filters/FlakyTest

If you wish for a repair proposal, please let us know.

[1] https://hackernoon.com/flaky-tests-a-war-that-never-ends-9aa32fdef359

Graciously,
Denini, Leopoldo and Marcelo.

It'd be great if I could enable 2-factor authentication on Launchpad, but unfortunately this app doesn't support the right protocols.

It would be nice to have a ex-/import feature. Or at least the possibility to backup the app via Helium. This would help when setup a new ROM. I know this can be a security problem, but maybe make it optional and only available for a new database. Create a message which inform the user when first time run the app, that this feature can only get activated now or never.

When I wipe my cache and dalvik cache in TWRP, my accounts keep getting deleted from the app. I don't know if I'm not supposed to wipe cache or it's how the app works.

I enjoy your awesome app, @0xbb! Would you please add a dark theme for privacy geeks like me? 😺

Hi there, really love andOTP. Thank you for the great work!
Generally, I'd like to support the android autofill request. But if not easily to implement, you may consider to change the behaviour of the option "switch to background after copying" into "switch to task switcher after copying". This would enhance using andOTP to a more fluent experience.

There is a slight gradient under the status bar in Android 5.0+, which looks strange since the status bar is supposed to be one flat color, like in other apps. I think this is because the darkened status bar is implemented as a transparent layer on top of the app. Could this be fixed? I'm unable to screenshot the issue, but just compare the status bar background from this app with something like GMail's.

see archiecobbs/mod-authn-otp#34

I want to use my OTP Authenticator with a server running https://github.com/archiecobbs/mod-authn-otp . Please can you explain (in detail) the needed steps, OTP Authenticator is already installed, and also https://github.com/archiecobbs/mod-authn-otp .

Really appreciated to have a fingerprint signing implemented!

It would be nice to copy the current code of an account to the clipboard. It would be a big ux improvement in combination with KDE connect or other clipboard share apps or when you want to sign in on the same device. And I think this is no security problem.

In the event that one's phone is stolen, lost, or damaged, it is important to have a backup of the secret keys as some websites/services do not provide backup codes. Since this app does not allow adb backup, nor does it have an export/backup function, the secret keys must be backed up by the user upon generation. One could either take a screenshot of the QR code or save the text version of the secret key.

Since taking a screenshot of every QR code is bothersome and painstaking, not to mention insecure (even if saved to an encrypted volume, the OS may inadvertently save to /tmp or elsewhere unencrypted), I'd like to request that a feature be added to this app which allows adding an account using the text version of the secret key.

I very much enjoy the simplicity of this app and was very happy to see an alternative to FreeOTP added to F-Droid. I applaud such simplicity and intuitiveness of the user interface, however I do feel like this is a necessary feature if the decision to disallow a backup/export function is upheld.

Thank you for your time!

Add a search feature so easily find keys

Hi,
first of all thanks for this nice app, does its job as intended as is good to use.
As I am having quite a number of sites I use it with I have a wish for better organizing and finding the entries:
Is it possible to implement a group or directory structure to save entries in?
Personally I would prefer several lawyers, e.g. work -> office -> tools or private -> finance -> banking
Thanks in Advance

I've just seen your app on Fdroid, it's great. I miss this feature from FreeOTP, though: tap copies code to clipboard.

Unrelated, it would be great if there would be a way to migrate all my codes from FreeOTP to your app.

In OTP Authenticator every code is shown automatically, while a more secure approach would be showing a code only if the user taps on it (like in FreeOTP). Can you please add a Tap-to-show option?
Thanks

Maybe you can add this :)

I've been using AndroidToken until I found your app and actually liked that AndroidToken was able to lock the access to the tokens with a PIN. Not sure how difficult it would be to implement this, but with the new smartphones out there, it would be lovely if access could be restricted with a PIN or even fingerprint.

Hello,

A cool feature implemented in Authy app : when you enter an app to get the code, you can tap a button to copy it in the clipboard. As codes are directly shown, I think a simple tap should copy code to clipboard.

Better option, but surely lost complicated could be adding a keyboard with a selector (to choose an account), and a button to send code like if you have typed it manually. (I took this idea to password safe, which handles a keyboard to send passwords in fields.)