Let's say, there are 2 browsers A and B with the same encrypted data:

{
  hash_1: {
    secret: <encrypted secret_1 with password_1>
  }
}

Once the user changes password in A with password_2, data on A is now:

{
  hash_1: {
    secret: <encrypted secret_1 with password_2>
  }
}

Now we know account data with hash_1 on A is newer then B, so B's data with hash_1 will be overwritten by A, in another word, one day, data with hash_1 will also have secret encrypted with password_2 on B.

However, we know data sync with Chrome is not instantly, user possible add another account with hash_2 with the old password_1 on B, that is to say B is not synced with A in time, but another account is added. Now data on B is:

{
  hash_1: {
    secret: <encrypted secret_1 with password_1>
  },
  hash2: {
    secret: <encrypted secret_2 with password_1>
  }
}

We notice that data with hash_1 will be synced to A from B, and data with hash_2 will be synced to B from A, then both of A and B have such data:

{
  hash_1: {
    secret: <encrypted secret_1 with password_2>
  },
  hash_2: {
    secret: <encrypted secret_2 with password_1>
  }
}

We cannot handle multi-password currently, so the user will only see part of accounts with different passwords, and Export / Import, Security, Add account will never work.

We really need provide a method to allow users to fix their data then.

Why when I try to open the program can only see a white window, and the codes do not appear?

@mymindstorm do you have any uncommited work after 5458490 ? I will do a rebase on dev branch to fix messed commit line if it is okay.

@Sneezry pretty much all the big CI (travis / circleci) services have a free tier for open source software, do you want me to try to throw something basic together?

Things to test:

• addons-linter
• gts check
• npm compile

firefox version 57.0.4(64bit)

The about content is just a set of license information, how about move it into popup.html, and just leave it as English?

Is there anything else major to finish before merging and deploying 5.0.2? I think what we have is pretty solid for a release.

Version disabled, investigating cause.

code generated for bittrex is 000000

Just FYI: I've added a signed version of the Firefox build to the pre-release tag. Firefox is a bit more strict on unsigned extensions, so you might not have to create an unlisted version.

Here, there shall be fields for both issuer & account name

Here's a sample barcode from the process:

Users checked remember passphrase checkbox in extension may forget password themselves, we should load cached password for them, and remove cached passphrase after they change the passphrase in the next time.

Message windows should have a border and like everything else.

Following Dropbox team's suggestion, change OAuth to token flow from code flow, and remove app key and app secret from source code.

d9a754e

import.html will handle both import from file and old version backup code

One of the websites I login to requires a Yubikey that uses the OATH-HOTP protocol. Unfortunately, pasting the Yubikey secret key into Authenticator doesn't work.

Downloaded backup:

{
  "b20f962cbf083014474164e0504eb65c": {
    "account": "[email protected]",
    "hash": "b20f962cbf083014474164e0504eb65c",
    "issuer": "",
    "secret": "QXA5R6AHKYP557S2OMVGQNVPIJYELMQD",
    "type": "totp",
    "encrypted": false,
    "index": 0,
    "counter": 0
  },
  "test": "test"
}

test key should not be there.

chrome.storage.sync.set({"test": "test"}) and download backup to repro

'Dropbox Token' is missing a zh-cn translation

I don't really understand how to use the dialog past pasting the code into the Dropbox code field. Maybe add some sort of status text and make the token field readonly if you aren't supposed to put anything there?

No response when clicking the Export / Download Backup button.
v5.0.6 in Chrome

I'm sure WebExt can add a costumed context menu in Firefox but I'm not sure about Chrome/Chromiums

Is there any other changes we need to merge before release v5.0.7? Is it okay for us to release v5.0.7 on March 17th?

Currently we have two buttons in different size on Dropbox setting UI, how about changing the big one into a link and move it next to Dropbox code label?

Actually, a lot of site will generate such tokens with (=), e.g. Amazon, Dropbox, Vultr. I'm pretty sure there will be more.

When the file select dialog comes up, it closes the popup and stops processing js.

@krabiki can you follow the steps here then open the extension and go to the "white window". Copy and paste any console messages here.

Also, when does the "white window" appear? When you open the extension or when you try to import?

23e50ab#diff-f91f6f0a2ea2d1a98a57fa85b3672ba8L163

Currently, we check if issuer contains active tab url domain to filter entries. It is too weak. If the issuer is GitHub, then the entry should be filtered when user opens github.com