Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auto delete spaces in security key #101

Open
1 task
leonlazic opened this issue May 28, 2024 · 1 comment
Open
1 task

Auto delete spaces in security key #101

leonlazic opened this issue May 28, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@leonlazic
Copy link

Steps To Reproduce

  1. Generate a security in Meta Account Centre '...'
  2. Copy the key
  3. Manually add the key
  4. Don't delete the spaces in between the segments

Expected Result

It would be nice if the key needn't be modified by deleting the spaces manually.

Actual Result

The app reports "Error reading the key".

Screenshots or Videos

No response

Additional Context

No response

Build Version

2023.5.0 (38)

Environment Details

  • iPhone 15 Pro IOS 17.4.1

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
@leonlazic leonlazic added the bug Something isn't working label May 28, 2024
@Gerardv514
Copy link

Gerardv514 commented Sep 2, 2024
edited
Loading

I suffered from spaces in the TOTP key as well; I've submitted my findings to Bitwarden Support via email.

I exported 30+ totp items from Bitwarden Application (the integrated totp's). I then imported these items into Bitwarden Authenticator and since this was a new app I was skeptical about issues, therefore I counted up all items in BW Authenticator app. Sure enough I was missing 4 items without warning!! This is bad since if I would have not counted up and realized some were missing I would have wiped out the TOTP's from my original TOTP app, thus I would have been LOCKED OUT of these 4 accounts. For me (tech savvy guy) I have recovery codes and I double check this stuff, but to someone who does not think about this stuff (the less tech savvy person) will have potentially irreversible harm with this. Upon checking to see what is common among these 4 items, all of them were about 32 characters in length and the TOTP key was dividing into sections of 4 characters.

Upon manually entering these keys into BW Authenticator app I received the above error as well. Therefore, if you import TOTPs into BW Authenticator any item containing a key with spaces will be IGNORED.

Technically I think there's two issues here that need to be addressed:

  1. There are sites that provide TOTP keys with spaces, you have to allow that in. The BW app, integrated TOTP allows it.

  2. When importing TOTP keys, these items should have errored letting the user know it wasn't imported. At the very least prompt a message stating XX number of items were imported successfully, maybe cross check your list even before destroying the previous TOTP app.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@leonlazic @Gerardv514