Password-based encryption:

This issue is the result of an upstream bug in certain custom ROMs. Since version 0.4.0 everyone facing this problem can switch the database encryption to the new password-based encryption in the Settings, which SHOULD solve it.

Help wanted:

Could everyone facing this problem please tell me those things:

• Model of your phone
• Which ROM are you using (exact version please)
• Which Gapps are you using (as well with the exact version)
• Which method are you using to lock your phone (PIN, Pattern, Swipe, Facelock, Fingerprint, ...)

You can add those information directly to the wiki or post them here.

Original issue

Since the last update all my tokens are gone if i restart the app (or even if it it just moved to the background).

Steps to reproduce

1.) add new token via QR-Code scan -> token is listed in the app 2.) go to homescreen 3.) switch to app again

Expected Behaviour

added token is still there

Actual Behaviour

no token listed

App Version: 0.2.3 (Play Store) Android Version: 5.0 Device: BQ Aquaris E4.5

Please report all bugs encountered in the test version for password-based encryption here! Provide a detailed description of how you encountered/reproduced the bug and a logcat!

Download of the test version:

• v6 (current, beta): https://cloud.shadowice.org/s/a5RE3UovB6BuFjf
• v5 (beta): https://cloud.shadowice.org/s/y1Ckm2Ar5ewGBEk
• v4 (beta): https://cloud.shadowice.org/s/0vdIcBNKBA6wZ4n
• v3 (beta): https://cloud.shadowice.org/s/0keZJG5jzBIG4st
• v2 (alpha): https://cloud.shadowice.org/s/Ek6dxFqOyg60nYh
• v1 (pre-pre-pre-alpha) https://cloud.shadowice.org/s/32vZoc5Qojd53OE

You will have to uninstall previous versions from F-Droid or Google Play before installing the test version.

Hey guys, it's time to ask for your opinion again.

@RichyHBM is currently in the process of implementing the ability to assign icons to the entries in andOTP (see #14).

We decided not to implement an option to manually select icons as this would make storage and backups very large and a lot more complicated. Instead we will be shipping a selection of pre-defined icons with andOTP which can be selected. For that reason we wanted to know:

Which icons do you want to see shipped with andOTP?

If you want to help even more please link an icon with your suggestion so I don't have to search every single one myself. Please only use icons that are available as vector graphics, everything else will increase the size of andOTP to much. You can head over to this Github repository to find a large collection of vector icons (searchable website here).

I will try to collect the suggestions periodically in this first post to give a quick overview. Icons I added to this post will be crossed out of the original post suggesting them.

Icons to be included

Icon | License | Comment | Included ----- | ---------- | ------------- | ----------- Amazon | | | ✅ AngelList | CC0-1.0 | | ✅ Apple | CC0-1.0 | | ✅ BattleNet / Blizzard | | | ✅ Bitbucket | CC0-1.0 | | ✅ Bitcoin | CC0-1.0 | | ✅ Bitstamp | | | 🔶 (no vector) Bitwarden | | | 🔶 (no vector) Cloudflare | CC0-1.0 | | ✅ Coinbase | | | ✅ Cozycloud | | to large | ✅ Digital Ocean | CC0-1.0 | | ✅ Discord | CC0-1.0 | | ✅ Dropbox | CC0-1.0 | | ✅ Facebook | CC0-1.0 | | ✅ Git | CC0-1.0 | generic | ✅ Github | CC0-1.0 | | ✅ GitLab | CC0-1.0 | | ✅ Google | CC0-1.0 | | ✅ IFTTT | CC0-1.0 | | ✅ Kickstarter | CC0-1.0 | | ✅ LastPass | | | ✅ Mailgun | CC0-1.0 | | ✅ Mastodon | | too large | ✅ Microsoft| CC0-1.0 | only the icon | ✅ Origin | | | ✅ Nextcloud | | | ✅ Paypal | CC0-1.0 | | ✅ Protonmail | | too large | ✅ RSS-Feeds | | | ✅ Slack | CC0-1.0 | | ✅ Steam | CC0-1.0 | | ✅ Stripe | CC0-1.0 | | ✅ Twitch | CC0-1.0 | | ✅ Twitter | CC0-1.0 | | ✅ WordPress | CC0-1.0 | | ✅

Icons without image (yet)

• ArenaNet
• Hurricane Electric
• Teamviewer
• Ubisoft

General information

• App version: 0.6.1
• App source: F-Droid but I have also tried with the Google Play version
• Android Version: 4.4.2
• Custom ROM: No

Expected result

What is expected? The code is accepted by the service and 2FA enabled What does happen instead? Every service gives a similar error message: "Invalid code" or, in GitHub's case, "Two-factor code verification failed. Please try again."

Logcat

https://pastebin.com/d3VPLBZq

Captured on Linux with adb logcat | grep -i "org.shadowice.flocke.andotp"

Steps to reproduce

• Create a new (or reuse an existing) account with services that offer 2FA TOTP
• Scan the QR code or manually input the secret
• Use the code provided by andOTP to enable 2FA

I have also already manually setting my timezone and time on both the phone and the computer to no avail. I have also looked at #269

andOTP was recently removed from the Google Play Store for violating their payment terms. This is most likely due to the fact that we offer in-app donation links that DO NOT use Googles In-App billing, which is against their terms.

As a first step to get it back on Google Play I will try to provide a build flavor without donation links. The second step would be to (maybe) include Google Play In-App billing in that flavor, but I'm not sure I want to do that.

Please share your opinions on this!

In order to quickly select the right entry or simply view the associated OTP in a faster way it would be nice to have a user selectable little icon/picture for each line.

Idea reposted from Telegram. Please feel free to edit this issue's title/description.

Preparing and optimising icons doesn't really have much to do with TOTP. If possible, it might be a good idea to investigate outsourcing the icon maintenance to a third party.

There are several interesting icon projects around, one nice example is SuperTinyIcons: https://github.com/edent/SuperTinyIcons

This solves two problems:

• You can just close tickets about icons and redirect people upstream. Resolves maintenance issues like existing icon consistency: https://github.com/andOTP/andOTP/issues/365
• If the icon package is kept updated and new versions are pulled into andOTP regularly for releases then people will continue to get new icons available in the core without having to use custom icons.

General information

• App version: 0.6.1
• App source: Google Play
• Android Version: 9
• Custom ROM: No

Expected result

What is expected? That I'm prompted for fingerprint first when selecting Device Credentials and if that fails I'm optionally asked for a PIN.

What does happen instead? Both the PIN keypad and the fingerprint icon appear, scanning the fingerpint has no effect and I always have to enter the PIN

Steps to reproduce

• Install the app
• Switch encryption to Android KeyStore
• Switch authentication to device credentials
• Launch the app

General information

• App version: 0.5.0.1 & 0.6.0-beta2
• App source: F-Droid
• Android Version: 7.1.2
• Custom ROM: ResurrectionRemix v5.8.5

Expected result

What is expected? The app fails to add a new entry via scanning the qr-code. I've added all my previous entries on version 0.4.x without any problem. My os has not changed since then, so i assume its some internal problem.

After scanning the qr-code the error "Verschlüsselungsschlüssel nicht geladen (encryption key was not loaded)" is displayed. However I can add new entries if I configure them manually, so there seems to be no problem with encrypting the database.

What I tried so far

• Reset the cache
• Clear the KeyStore

LogCat

Im not that familiar with android debugging, so here a excessive Log. https://pastebin.com/5419mBKB

So I noticed that when I switch languages from the settings page, the screen of andOTP flashes but yet nothing happens, the language still remains in English, it just doesn't switch! Could this be a bug or what? Am quite confused 😕 because I noticed the strings for other languages exist in the source of andOTP but it doesn't work within the app, why?

When I try to mess around with the app by clicking on Save without actually inputting the secret key, the app just crashes and trying to restart the app, it keeps crashing on startup, so only option is to clear the app's data which shouldn't be so, I think it's rather better to maybe disable the save button when the edittext fields are still empty so as to prevent the crash from happening for people that might click save button by mistake!

Name: Team Password Manager Website: https://teampasswordmanager.com/ Link to SVG or EPS image: (I traced/recreated this from their ~60px bitmap logo, as I couldn't find vector graphics anywhere — so it is far from an official version.)

Links to: https://github.com/andOTP/andOTP/issues/995

General information

• App version: 0.9.0.1-play
• App source: Google Play
• Android Version: 12
• Custom ROM: No (MIUI 13.0.3 Stable)

Expected result

Allow me to click the backup button and the modal will ask me the key to use

ℹ️ It was working in previous versions, I have backups since august of 2019 until august of 2021. Not clear when it started to be broken. I appears I started doing AES backups instead in march of 2022.

What does happen instead?

No modal, unable to click on backup button. It says I have selected not provider.

Steps to reproduce

Steps:

• Install OpenKeychain
• Load a key in the OpenKeychain app
• Go to the andOTP app
• Select OpenKeychain as a provider
• Suspicious bug number 1: in the menu it says that a key was selected (impossible because the provider was just set)
• Go to backup
• Selected GPG
• It says that I must select a provider in settings

If you want to be allowed to created a buggy backup then after selecting a provider follow https://github.com/andOTP/andOTP/issues/995 and just add some text in the key email setting

General information

• App version: 0.9.0.1-play
• App source: Google Play
• Android Version: 12
• Custom ROM: No (MIUI 13.0.3 Stable)

Expected result

Create a GPG backup file that is not empty

What does happen instead?

It creates an empty backup file making the user think it did work (how dangerous !)

Steps to reproduce

Steps:

• Install OpenKeychain
• Load a key in the OpenKeychain app
• Set a non valid email for the a key in the OpenKeychain app
• Backup and see that the file is empty
• Set a valid email
• Backup and see that the file is also empty

Is your feature request related to a problem? Please describe. No

Describe the solution you'd like To be able to view a the number of tokens associated with each tag in the tags drawer, such as putting the count in parenthesis in the list of tags e.g. "Some Tag (4)"

Describe alternatives you've considered None

Additional context I made a test implementation on my own branch here: https://github.com/ian-collier-osu/andOTP/tree/a4. However I'm not sure creating a new object for Tags is the best way to work around having no tag database entity.

Name: MyAnimeList Website: https://myanimelist.net/ Link to SVG or EPS image: https://drive.google.com/file/d/1pn1Y0Egn_aGdgPnJRLFDZcNzkwdsvZLe/view?usp=sharing

I could not find any official SVG/EPS image. The image linked is manually traced from here using Inkscape.