Chrome Extension Breaks 2FA Logins to Google Apps for Work
The Chrome extension stops logins to Google Apps for Work accounts if they have 2FA turned on.
What seriously?
Yep.
Steps to reproduce:
- Install 1Password extension for chrome
- Go to admin.gooogle.com
- Enter your email address and press next
- Enter your password (using the extension is entirely optional - makes no difference) and press next
Expected results:
You will be prompted for a TOTP code
Actual results:
You end up on https://accounts.google.com/multilogin/challenge/sl/password and that page gives a 404.
How do I know that it's caused by the 1Password extension?
I've tried this on in private browsing and on multiple machines and they all exhibit the same behaviour. As soon as I turn off the 1Password extension, it works as expected.
Does it repro on other browsers with the 1Password extension?
No. I was sure it did, but when I tested again today, it didn't repro so I can rule it out.
How long has this been happening for?
Started sometime in the last few weeks. I don't know anything more specific than that since I don't log into the account very often.
Does this occur with other accounts?
I don't know. It doesn't repro with my wife's account (the only other account I have access to), but she doens't use 2FA.
1Password Version: 4.6.0.604
Extension Version: 4.5.7.90
OS Version: 6.2.9200
Sync Type: Not Provided
Referrer: forum-search:Chrome Extension breaks 2FA logins to Google Apps for Work
Comments
-
Hi, @veloxz. I'm sorry for the trouble you're having but I wasn't able to reproduce it. Following your steps landed me on the 2FA code prompt. I see that you're on Windows, so I'm going to ask one of my colleagues that uses Windows more to take a look as well and see if they can reproduce it there.
--
Jamie Phelps
Code Wrangler @ AgileBits0 -
It repros on OS X as well. I just needed to pick one version for the report. On mac:
Chrome Extension Version: 4.5.7.90 (as above)
1Password Version: 6.3.1
OS X Version: 10.11.40 -
I'm not sure what could be different. I wasn't able to reproduce it and @AlexHoffmann wasn't able to reproduce it on Windows either. I think my next suggestion would be to try it in a fresh Chrome profile with only the 1Password extension installed and see if you still have the issue.
0 -
A fresh profile seems to solve it. But this one is tied to my Google account so what's the next step in figuring out what it is about this profile that breaks things?
0 -
As soon as I log into my account again (even if I completely wipe the profile directory) it stops working again. Meaning, if I delete "%LOCALAPPDATA%/Google/Chrome/User Data/Default", I still get the same issue. Only creating a new one from within Chrome and not logging into my account solves it.
0 -
@Veloxz: It sounds like the profile data you keep syncing over may simply be the issue. I wonder what else you have going on in your profile: other extensions, settings? I'm not able to reproduce this issue either, and I can't see what it could have to do with the 1Password extension. 1Password doesn't determine which URLs you get when logging in, doesn't handle redirects or 404s, and doesn't interact with the page unless you tell it to. The fact that you're having the same problem whether you actually invoke 1Password or not seems telling.
When I follow your steps, I'm able to login normally. When I logout and try to URL you said resulted in a 404 (https://accounts.google.com/multilogin/challenge/sl/password), I was redirected to another page (https://myaccount.google.com/?pli=1), where I then logged in successfully.
I'd love to know what other elements are involved to see if I could reproduce this...but at the end of the day, even if that's possible, I'm not sure that we'll be able to do anything about interactions with other software or a corrupt profile. Nevertheless, I'm intrigued. :)
0 -
Ok, I've given this a huge amount of time, but almost a year later, this continues to be an issue.
0 -
Unfortunately none of us are able to reproduce this with our own Google Apps accounts, and, as I mentioned back in July, without knowing more about your specific setup (extensions, settings, etc.) we're just sort of relegated to trying your steps and arriving at the same conclusion: If you're having this issue with or without invoking 1Password (it doesn't interact with the page unless you tell it to), this appears to be an interaction caused by something else entirely. I'm sorry I don't have a better answer for you. We can keep trying, but I'm not optimistic that we will be able to do anything for this given that no one else seems to be seeing this issue. :(
0
