[Ente Photos Android] Can't use TOTP when passkey fails during sign in; also "use recovery code" doesn't work #3935

Open
taivlam opened this issue Nov 4, 2024 · 0 comments

taivlam commented Nov 4, 2024

Description

  • I first encountered this issue when I tried signing in to Ente Photos on Android, after signing in successfully on desktop.
    • I couldn't use passkeys to sign into my Ente Photos account, as I use GrapheneOS without Play Services.
  • Trying to pick "use recovery code" only brought me back to the new app screen.

What I expected

A fallback option to use TOTP during the login process, if the passkey option failed (for whatever reason). An example I can remember where this approach is used is Bitwarden's Android app.

What actually happened

This method that I discovered blindly was so user-unfriendly that I believe this probably should not be allowed to happen.

  1. My default browser is Mull. When the Ente Photos app opens the browser page to process the passkey in Mull, I can't use my SoloKey 2 devices in Mull; so I cannot proceed.
  2. In Ente Photos, there are 3 buttons, which are, respectively, something like: check status (again), try again, and use recovery code.
    • I tried using the "recover account" option, but tapping this option only brings me back to the main screen (when Photos is set up for the first time).
  3. After several attempts, I noticed that one of these screens in Ente Photos mentions something along the lines of: the link opened in a browser can be used in any browser.
  4. I got the idea of sending it to myself (via Signal Desktop) and opened it on my computer (using LibreWolf).
  5. I was able to use my SoloKey 2 device to authenticate on my computer, and pressed the quote-unquote "Recheck status" button again on Android.
  6. Finally, I was able to log into Ente Photos on Android.

(I think this method would work with Chromium-based browsers with Play Services installed, but that is an aside.)

Suggested approach to resolve

  • For new users, the Ente account login process in Ente Photos should allow users to easily use the "fallback" option of TOTP as a 2FA method when signing in via the mobile app.
  • For existing users who have passkeys enabled but no TOTP, request users to set up TOTP upon their next login. (See discussion Recover Account no Passkey no recovery Codes #3526 for why I included this case.)
  • Make sure the "use recovery code" option works for the Photos Android app.

Details

Mobile device

  • Google Pixel 5a (device nickname barbet)
  • Android 14/GrapheneOS version 2024101200
  • Ente Photos installed via Droid-ify/F-Droid

Version

0.9.53

What product are you using?

Ente Photos

What platform are you using?

Mobile - Android

taivlam added the triage label Nov 4, 2024