TOTP Error

eggnima
eggnima
Community Member
edited May 2018 in 1Password in the Browser

Hi, I've recently installed 1Password on my Mac, my iPhone and the Google Chrome extension.

I've added my company login for 1Password, as well as a TOTP field in the login. Here's where it gets interesting:

  • TOTP generated in 1Password iOS app is valid
  • TOTP generated in 1Password macOS app is valid
  • TOTP generated in 1Password Google Chrome extension is invalid

Does anyone have any idea what could be going on here?


1Password Version: 6.8.8 (688002)
Extension Version: 1.7.1
OS Version: macOS High Sierra 10.13.4 (17E199)
Sync Type: Not Provided

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    @eggnima: That's definitely weird, as Chrome should be getting the date/time/zone from the OS...

    But wait, what OS and Chrome version are you using 1Password X with? Maybe I'm jumping to conclusions. :)

  • eggnima
    eggnima
    Community Member
    edited May 2018

    @brenty , macOS 10.13.4 and Google Chrome v66.0.3359.139. :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    @eggnima: Not what I was hoping for, but I'll take it! ;)

    Next question: if you view that item in the 1Password.com web interface, does that have the correct code (matching 1Password for Mac and iOS)? How about if you do so in Safari?

  • eggnima
    eggnima
    Community Member

    @brenty , viewing the login item in the 1Password.com web interface in Google Chrome and Safari both produce valid TOTPs.

    The left-most TOTP is from the 1Password macOS app, the center one is from Safari, and the right-most TOTP is from Google Chrome.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @eggnima: Well, that seems like there's probably something we can improve in 1Password X then with regard to generating TOTP codes. Just to confirm: you're able to successfully login using the code generated by either 1Password for Mac, 1Password for iOS, or the 1Password.com website. If all of that is true, would you be able to invalidate your existing TOTP secret and setup a new one so you can share the old one (the one you're using now, which is giving 1Password X trouble) with us? There may be some unexpected formatting that we need to account for.

  • eggnima
    eggnima
    Community Member
    edited May 2018

    @brenty , yes, your assumption is correct.

    And sure, that wouldn't be a problem at all.

    Is there some way that I could privately share the old TOTP secret with you?

  • AGAlumB
    AGAlumB
    1Password Alumni

    @eggnima: Yep! I'll shoot you a private message in a minute here. :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    I've filed an issue for this with all the details, and we'll track down what's causing the difference here. Thanks so much for bringing this to our attention! :)

    ref: b5x-406

  • beyer
    beyer
    1Password Alumni

    @eggnima: It turned out 1Password X wasn't properly handling TOTP URLs with a period parameter which was causing your generated OTP to be incorrect under most circumstances. I've fixed this issue and submitted the change to my team for review. Assuming there are no issues you should see this fixed in our next release. I recommend using our beta version if you want an early jump on bug fixes and new features.

    Thanks for reporting this issue. I greatly appreciate it! 😁

    &drew

  • eggnima
    eggnima
    Community Member

    @beyer, thanks so much to you and your team for helping to resolve this issue!

    @brenty, I'm grateful for your help in troubleshooting this issue with me, and eventually resolving the bug :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    @eggnima: We couldn't have done it without you! Glad to hear all is well. Thanks again for your willingness to work with us on this, and for reporting it in the first place. <3

This discussion has been closed.