Android passwords app + 2FA + e2e does not work

iwzrr · March 9, 2021, 4:28pm

I am trying to use passwords with an e2e password and 2fa. It works very well with the browser-extension, but it fails with the Android app.

On the first usage, the passwords app asks me to log in. To avoid any issues with 2fa, I created an app password and I logged in with it.
Then it asks me for the next password.

asking_password_in_app1080×2047 28.3 KB

I assume it is the e2e password? However, that one fails (yes I am sure it is the correct password!), and also if I enter the nextcloud app or normal password, that one fails as well.

After several tries I am getting the notification:

We have detected several failed attempts to unlock your password database by “Nextcloud Passwords App”. This could indicate that someone is trying to break into your account. To prevent further attempts, the API credentials of this client were revoked. Also, password based API authentication has been disabled. If you want to continue using this client, you need to create a new token for it. If you don’t know this client, please change your password and review your device list.

Nextcloud log also says:

OCA\Passwords\Exception\ApiException: Password invalid
/nextcloud/apps/passwords/lib/Services/UserChallengeService.php - line 128:
OCA\Passwords\Helper\Challenge\ChallengeV1Helper->solveChallenge(“*** sensiti … “)
/nextcloud/apps/passwords/lib/Controller/Api/SessionApiController.php - line 198:
OCA\Passwords\Services\UserChallengeService->validateChallenge(”** sensiti … “)
/nextcloud/apps/passwords/lib/Controller/Api/SessionApiController.php - line 123:
OCA\Passwords\Controller\Api\SessionApiController->verifyChallenge(”** sensiti … *”)
/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 169:
OCA\Passwords\Controller\Api\SessionApiController->open()
/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 100:
OC\AppFramework\Http\Dispatcher->executeController(OCA\Password … {}, “open”)
/nextcloud/lib/private/AppFramework/App.php - line 152:
OC\AppFramework\Http\Dispatcher->dispatch(OCA\Password … {}, “open”)
/nextcloud/lib/private/Route/Router.php - line 309:
OC\AppFramework\App::main(“SessionApiController”, “open”, OC\AppFramew … {}, { _route: “p … “})
/nextcloud/lib/base.php - line 1008:
OC\Route\Router->match(”/apps/passw … n”)
/nextcloud/index.php - line 37:
OC::handleRequest()

Which is of course correct. Resetting the app and removing it from the device list does not really help. Because the retrying leads to the same result.

Does anyone have the same issues?! Maybe I understood something wrong?

Cheers, Iwan

t0bi · March 13, 2021, 7:45pm

Same problem here. So far I was not willing to give up on 2fa for my passwords but I got the same results as you. From your screenshot it looks like the NC Passwords app. Same thing happens to me there. I used the Nextcloud Passwords app on Android as well an it’s not working either.

just · March 13, 2021, 7:48pm

Copying over my suggestions from the other topic…

iwzrr · March 14, 2021, 7:49pm

Oh wow, that was a good one. The Commit Don’t require 2FA anymore seems to solve it.
In fact, it is what I wanted.
2FA is required on the first logon, but it was a pain to add the 2FA token to login to the passwords app itself.