Skip to content

Mistyping encryption password and generating HOTP code causes data corruption #348

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
sfalvey opened this issue Jul 3, 2019 · 1 comment
Closed

Mistyping encryption password and generating HOTP code causes data corruption #348

sfalvey opened this issue Jul 3, 2019 · 1 comment
Labels
bug Something isn't working P1 Issues must be resolved

Comments

@sfalvey
Copy link

sfalvey commented Jul 3, 2019

Describe the bug: Mistyping encryption password prevents future use of counter based code

Steps to recreate

  1. Start browser normally, use correct unlock password for authenticator
  2. Create a counter based code
  3. Quit browser
  4. Start browser normally, use incorrect password for authenticator
  5. Click the counter based passwode note it will respond with "Encrypted"
  6. Quit browser
  7. Start browser normally, use correct unlock password for authenticator
  8. All time based codes will no longer say "Encrypted" but counter based one clicked above never works again. Only option is to reregister which with a counter based means tons of clicking to get the code to one that can be used again.

Platform: MacOS

  • Browser: Firefox
  • Browser Version: 67.0.4
@mymindstorm mymindstorm added bug Something isn't working P1 Issues must be resolved labels Jul 3, 2019
mymindstorm added a commit that referenced this issue Jul 3, 2019
@mymindstorm
fix #348
8f898be
@mymindstorm
Copy link
Member

mymindstorm commented Jul 3, 2019
edited
Loading

The data only gets corrupted when you click the button. Just getting the password wrong won't corrupt the secret data for that account.

@mymindstorm mymindstorm mentioned this issue Jul 3, 2019
Merged
@mymindstorm mymindstorm changed the title Mistyping encryption password prevents future use of counter based code Mistyping encryption password and generating HOTP code causes data corruption Jul 3, 2019
mymindstorm added a commit that referenced this issue Jul 9, 2019
@mymindstorm
Refactor UI code (#352)
bde35d1 
* change compile options

* move interfaces to .d.ts files and add an interface

also gts fix

* - updated all dependincies to latest
- fiddled with webpack until SFCs started working properly

* gts fix

* vuex

* wip

* stuff

* it renders now.

* load svgs in a less messy way

* Move main body to component

* - about page
- add account page

* modal pages to sfcs

* info => pagehandler

* first mutation

* more basic stuff

* info works

* edit button

* Codes exist

* codes update and password entry works

* fix #348

* - Adding accounts manually works properly
- updateEntries

* - ok and confirm messages
- delete accounts

* lock

* remove edge stuff

* qr

* copy code

* filter

* - search
- init stuff
- popup resize
- remove managed

* qr

* add getter to check if entries show as 'encrypted'

* dragula works and ignores drag if not editing

* Fix issues with secrets getting set to 'Encrypted' in storage.

* prefrences page

* sync clock

* change password

* export

* change storage space

* drive

* dropbox

* - uploads from backround on first login
- runScheduledBackup

* import

* hotp next

* cleanup

* change invalid hash behavior to warning
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working P1 Issues must be resolved
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sfalvey @mymindstorm