Reported by flasheater on 12 Dec 2014 23:48 UTC Possibly related to #32.

1. Set custom Icon using the Google Photos app
2. Switch to another app and switch back Icon is now back to default.

Android Cyanogenmod 11 Nexus 5

Reported by dbrgn on 14 Jun 2016 12:15 UTC The INTERNET and READ_EXTERNAL_STORAGE permissions seem to be unused. They should be removed.

Patch is attached. Alternatively, you can pull from my fork:

$ git remote add dbrgn https://github.com/dbrgn/freeotp $ git pull dbrgn/master

(I know people that did not want to use FreeOTP because it used the internet permission.)

Reported by simo on 12 Dec 2013 16:21 UTC Application data can be accessed on rooted devices or by getting access to backups (esp. on the cloud), it should be possible (and actually encouraged by a setup wizard on app. startup) to encrypt the data store, and decrypt it at application statrup via password/pin/gesture/biometrics/whatever :)

Hello

Is this app still under development?

F-Droid says that it has "a known vulnerability". And I am wondering what that might be.

Thanks for that amazing app!

Looking at the android store listing and the issues here, the app hasn't been updated in like 4 years and lots of people claim development has been abandoned. However, the renaissance project appears to be active and it looks like someone made a new commit only a couple of months ago.

TL;DR: What is the current status of development on this app?

downloads images from the internet or saves the images you selected in the application itself based on and replaces PR 83

Fixes #32 Fixes #39 Fixes #51 Fixes #83 Fixes #87 Fixes #104

Some people like to have their phone's time configured ahead of the actual time. That's why this contribution allows to define the time offset. It's kind of like travelling in time ;)

The icon is taken from Google's Material Design Icons library [1] and is itself licensed under Apache License [2], so this should not become a problem I hope.

[1] https://github.com/google/material-design-icons [2] https://github.com/google/material-design-icons/blob/68e015dbbb6b730b5fe4934e8507cd5a465c8a3d/LICENSE

I have a phone with a broken camera, so QR codes are not easily available for it. I noticed that if you manually enter an otpauth:// URI to get it to load it in FreeOTP it does not bounce over to the app as you would expect. Can it register itself as a handler for those URIs so manual entry or copy/paste would work?

So lemme preface this by saying that I really don't know the inner workings of 2 Factor Authentication. However, I do know is that getting a 5 alphanumeric character code is possible, which is what steam uses. See: https://github.com/winauth/winauth

I'm not having much luck finding an android app that does both alphanumeric and up to 8 digits. I would love to make the switch from Authy and Steam Guard to just Freeotp.

To find your steam secret from your android device install and setup steam guard and edit: /data/data/com.valvesoftware.android.steam.community/files/SteamGuard-InsertCharactersHere

Reported by anisse on 21 Nov 2014 10:25 UTC The app crashes on Lollipop on start. Here is the logcat:

I/ActivityManager( 749): START u0 {act=android.intent.action.MAIN cat=[flg=0x10200000 cmp=org.fedorahosted.freeotp/.MainActivity bnds=276,871[540,1167](has extras)} from uid 10022 on display 0 I/ActivityManager( 749): Start proc org.fedorahosted.freeotp for activity org.fedorahosted.freeotp/.MainActivity: pid=7785 uid=10131 gids={50131, 9997, 3003, 1028} abi=armeabi-v7a D/OpenGLRenderer( 7785): Render dirty regions requested: true D/Atlas ( 7785): Validating map... D/AndroidRuntime( 7785): Shutting down VM E/AndroidRuntime( 7785): FATAL EXCEPTION: main E/AndroidRuntime( 7785): Process: org.fedorahosted.freeotp, PID: 7785 E/AndroidRuntime( 7785): java.lang.IllegalArgumentException: The key must be an application-specific resource id. E/AndroidRuntime( 7785): at android.view.View.setTag(View.java:17185) E/AndroidRuntime( 7785): at org.fedorahosted.freeotp.BaseReorderableAdapter.getView(BaseReorderableAdapter.java:101) E/AndroidRuntime( 7785): at android.widget.AbsListView.obtainView(AbsListView.java:2344) E/AndroidRuntime( 7785): at android.widget.GridView.onMeasure(GridView.java:1060) E/AndroidRuntime( 7785): at android.view.View.measure(View.java:17430) E/AndroidRuntime( 7785): at android.widget.LinearLayout.measureVertical(LinearLayout.java:875) E/AndroidRuntime( 7785): at android.widget.LinearLayout.onMeasure(LinearLayout.java:613) E/AndroidRuntime( 7785): at android.view.View.measure(View.java:17430) E/AndroidRuntime( 7785): at android.view.ViewGroup.measureChildWithMargins(ViewGroup.java:5463) E/AndroidRuntime( 7785): at android.widget.FrameLayout.onMeasure(FrameLayout.java:430) E/AndroidRuntime( 7785): at android.view.View.measure(View.java:17430) E/AndroidRuntime( 7785): at android.view.ViewGroup.measureChildWithMargins(ViewGroup.java:5463) E/AndroidRuntime( 7785): at com.android.internal.widget.ActionBarOverlayLayout.onMeasure(ActionBarOverlayLayout.java:447) E/AndroidRuntime( 7785): at android.view.View.measure(View.java:17430) E/AndroidRuntime( 7785): at android.view.ViewGroup.measureChildWithMargins(ViewGroup.java:5463) E/AndroidRuntime( 7785): at android.widget.FrameLayout.onMeasure(FrameLayout.java:430) E/AndroidRuntime( 7785): at com.android.internal.policy.impl.PhoneWindow$DecorView.onMeasure(PhoneWindow.java:2560) E/AndroidRuntime( 7785): at android.view.View.measure(View.java:17430) E/AndroidRuntime( 7785): at android.view.ViewRootImpl.performMeasure(ViewRootImpl.java:2001) E/AndroidRuntime( 7785): at android.view.ViewRootImpl.measureHierarchy(ViewRootImpl.java:1166) E/AndroidRuntime( 7785): at android.view.ViewRootImpl.performTraversals(ViewRootImpl.java:1372) E/AndroidRuntime( 7785): at android.view.ViewRootImpl.doTraversal(ViewRootImpl.java:1054) E/AndroidRuntime( 7785): at android.view.ViewRootImpl$TraversalRunnable.run(ViewRootImpl.java:5779) E/AndroidRuntime( 7785): at android.view.Choreographer$CallbackRecord.run(Choreographer.java:767) E/AndroidRuntime( 7785): at android.view.Choreographer.doCallbacks(Choreographer.java:580) E/AndroidRuntime( 7785): at android.view.Choreographer.doFrame(Choreographer.java:550) E/AndroidRuntime( 7785): at android.view.Choreographer$FrameDisplayEventReceiver.run(Choreographer.java:753) E/AndroidRuntime( 7785): at android.os.Handler.handleCallback(Handler.java:739) E/AndroidRuntime( 7785): at android.os.Handler.dispatchMessage(Handler.java:95) E/AndroidRuntime( 7785): at android.os.Looper.loop(Looper.java:135) E/AndroidRuntime( 7785): at android.app.ActivityThread.main(ActivityThread.java:5221) E/AndroidRuntime( 7785): at java.lang.reflect.Method.invoke(Native Method) E/AndroidRuntime( 7785): at java.lang.reflect.Method.invoke(Method.java:372) E/AndroidRuntime( 7785): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:899) E/AndroidRuntime( 7785): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:694) W/ActivityManager( 749): Force finishing activity org.fedorahosted.freeotp/.MainActivity

I might have reordered my OTPs.

Looking at the documentation of setView, it seems FreeOTP is doing something wrong: https://developer.android.com/reference/android/view/View.html#setTag%28int,%20java.lang.Object%29 Indeed, the key argument should be declared in the resources, but this is not the case here: L33: private static final int KEY = BaseReorderableAdapter.class.hashCode();

It might also be related to ART, but I don't know.

Regards,

Anisse

This is possibly related to issue #172.

I inadvertently created a QR code with no label and no issuer. This code crashes FreeOTP when scanned. The value of the code is as follows:

otpauth://totp/%3A?issuer=&secret=TEST

On larger mobile devices the Token font scales quite large and can be viewed by others from quite some distance. Please consider adding a configurable Token display size option.

1. Seems like a critical bug: on 2.0 the UI doesn't show names for most of the keys, so I can not determine which OTP belongs to which service. Having dozens of keys this makes the app unusable.

2. Is there a way to switch back to the previous version for now or to export raw secrets from the app?

(Sorry for the quality of the pic, the app doesn't allow to make screenshots)

When scanning a QR code from Microsoft's mfasetup on https://aka.ms/mfasetup, I get this warning:

Token is unsafe!

The token you are attempting to add contains weak cryptographic parameters. Use of this token is stronly discouraged! Please alert your token provider.

[Cancel] [Add Anyway]

It might be useful to have more details on why the token is unsafe, e.g. some text about the algorithm (cipher, key exchange mechanism, parameters, …). If possible, it would also be nice to tell why the token is unsafe.

Version info: FreeOTP 2.0 (24) from F-Droid repository on Android 11.

It's possible to select multiple keys at once and then the edit button only edits one of them.

Maybe the edit button should be disabled unless only one key is selected?

I received the FreeOTP app 2.0 through F-Droid. It imported my entries without error, but when I open the app and simply scroll down in the list, it crashes.

This is the output on adb logcat:

01-08 15:55:28.186 19352 19352 I Adapter : Bind to view token [xxx][xxx]
01-08 15:55:28.197 19352 19352 E ahosted.freeotp: Invalid ID 0x00000000.
01-08 15:55:28.197 19352 19352 I Adapter : Bind to view token [xxx][xxx]
01-08 15:55:28.207  2076 15697 D CompatibilityChangeReporter: Compat change id reported: 161145287; UID 10165; state: DISABLED
01-08 15:55:28.208 19352 19352 D AndroidRuntime: Shutting down VM
01-08 15:55:28.208 19352 19352 E AndroidRuntime: FATAL EXCEPTION: main
01-08 15:55:28.208 19352 19352 E AndroidRuntime: Process: org.fedorahosted.freeotp, PID: 19352
01-08 15:55:28.208 19352 19352 E AndroidRuntime: java.lang.IllegalArgumentException: Path must not be empty.
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at com.squareup.picasso.Picasso.load(Picasso.java:332)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at org.fedorahosted.freeotp.main.ViewHolder.bind(ViewHolder.java:255)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at org.fedorahosted.freeotp.main.Adapter.onBindViewHolder(Adapter.java:172)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at org.fedorahosted.freeotp.main.Adapter.onBindViewHolder(Adapter.java:64)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.RecyclerView$Adapter.onBindViewHolder(RecyclerView.java:7065)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.RecyclerView$Adapter.bindViewHolder(RecyclerView.java:7107)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.RecyclerView$Recycler.tryBindViewHolderByDeadline(RecyclerView.java:6012)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.RecyclerView$Recycler.tryGetViewHolderForPositionByDeadline(RecyclerView.java:6279)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.GapWorker.prefetchPositionWithDeadline(GapWorker.java:288)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.GapWorker.flushTaskWithDeadline(GapWorker.java:345)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.GapWorker.flushTasksWithDeadline(GapWorker.java:361)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.GapWorker.prefetch(GapWorker.java:368)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at androidx.recyclerview.widget.GapWorker.run(GapWorker.java:399)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at android.os.Handler.handleCallback(Handler.java:942)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at android.os.Handler.dispatchMessage(Handler.java:99)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at android.os.Looper.loopOnce(Looper.java:201)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at android.os.Looper.loop(Looper.java:288)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at android.app.ActivityThread.main(ActivityThread.java:7872)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at java.lang.reflect.Method.invoke(Native Method)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548)
01-08 15:55:28.208 19352 19352 E AndroidRuntime: 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:936)
01-08 15:55:28.210  2076 19392 I DropBoxManagerService: add tag=data_app_crash isTagEnabled=true flags=0x2
01-08 15:55:28.211  2076 15697 W ActivityTaskManager:   Force finishing activity org.fedorahosted.freeotp/.main.Activity
01-08 15:55:28.215  2076  3822 E FrameEvents: updateAcquireFence: Did not find frame.
01-08 15:55:28.219  2076  2206 I ActivityManager: Showing crash dialog for package org.fedorahosted.freeotp u0

I assume the path was optional with FreeOTP < 2.0 and the importer did not check for this requirement.