Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
Forum Discussion
Former Member
3 years ago"QR code Detection Failed" message attempting to scan QR
In 1Password app, I am trying to enable MFA for a site
I select the "Scan QR Code" button and I get this message
Note that I have allowed screen recording permissions
1Password Version: 1Password for Mac 8.9.8 (80908009)
Extension Version: 2.4.1
OS Version: macOS Monterey 12.6.1
Browser:_ Safari
- ElijahLynnNew Contributor
Got it working per https://1password.community/discussion/comment/646827/#Comment_646827
If i zoomed in on the QR page once ( just ⌘+) the "Scan QR" from the 1Password Desktop App worked
I didn't think it would but tried it by reverse-pinching the trackpad and centering it and then 1Password grabbed it.
- ElijahLynnNew Contributor
I'm seeing this issue too. I just migrated from Chrome to Brave browser and getting this error too. Works fine with Chrome, but not Brave. I tried toggling 1Password off/on in the Mac Privacy and Security "Screen Recording" section.
It is something to do with Brave.
Brave 1.52.126 Chromium: 114.0.5735.133 (Official Build) (arm64)
Revision fbfa2ce68d01b2201d8c667c2e73f648a61c4f4a-refs/branch-heads/5735@{#1270}
OS macOS Version 13.4.1 (Build 22F82)
JavaScript V8 11.4.183.23 - Former Member
In order to complete this transition from OTP Auth to 1Password, I created a utility that would look for QR codes and show the content: https://github.com/jlamoree/qr
The Apple Shortcut feeds a screenshot into a Python script in a Docker container and shows the decoded content of any QR codes found. Using it, I completed the data transfer without too much pain. None of the visible OTP Auth QR codes were importable directly by 1Password using the "Scan QR code from clipboard or screen" button. The issue is not secret padding as previously suggested.
- Former Member
1P_Dave Yes, adding TOTP to 1Password when the QR code is presented in the browser window works properly, for the single test case I performed using hover.com. When the QR code image from Hover was displayed in a browser page modal, I clicked the QR code import button on the record being edited in the 1Password for Mac application. That all worked as expected.
However, having OTP Auth show that same QR code baffled 1Password. The actual code content in these two situations was different. For the one in the browser that 1Password "saw" the content was
otpauth://totp/Hover:jlamoree?secret=sdm2lnkgly6e5nux75pmnn5fhi&issuer=Hover
but when OTP Auth generated the QR code, the content wasotpauth://totp/Hover:jlamoree?secret=SDM2LNKGLY6E5NUX75PMNN5FHI======&issuer=Hover&digits=6&period=30&algorithm=SHA1
.It's my belief that 1Password for Mac has no problem seeing QR codes on the screen, but rather that the parser does not like the content that it saw. Perhaps 1Password is angry because the secret is padded or that config fluff was added to the query string.
I suspect the mechanism for parsing the text content of the QR code differs when 1Password is running in iOS vs. macOS, since 1Password for iOS doesn't have a problem importing QR codes from OTP Auth when I aim my iPhone's camera at the desktop display.
- 1P_Dave
Moderator
@the_actual_jlamoree
That's fair enough, the diagnostics report would help narrow down on the issue that's occurring on your Mac but I can still investigate as far as possible here on the forums. To answer your initial question:
I am very interested to know if this feature is functional under any circumstance.
Yes, this feature should be working. I just took a screenshot of the 2FA QR code for my ProtonMail account and opened it on my Mac using the Preview app. 1Password 8 for Mac was then able to detect and save the one-time password from the QR code.
Our developers do have an internal work item open that might be relevant to the issue. Can you tell me if you've tried to use 1Password 8 for Mac to save the one-time password for an account by displaying the original QR code on that website in the browser and not by displaying the extracted QR code from OTP Auth (or by opening the QR code that you extracted from OTP Auth in the browser)?
-Dave
ref: dev/core/core#19783
- Former Member
1P_Dave I came to the forums to resolve this product issue so that others may benefit. I'm not super interested in having secret email correspondence. The diagnostics output was not necessary in order to tell me whether this product feature is claimed to function currently or not.
- 1P_Dave
Moderator
@the_actual_jlamoree
Thank you for the reply. Please continue the conversation over email as I don't have access to your diagnostics report here on the public forums. My colleagues over on the email support team will be able to investigate further in the email thread open for the issue that you're running into. 🙂
-Dave
- Former Member
I received a response from 1Password Support via email after I sent the diagnostics information, which is weird, because I suspect most 1Password.Community members don't have access to my email. It offered a tip about adjusting my screen brightness, which suggests that I need to provide more context.
For background, I have been using OTP Auth for several years. It is good, but limited. I have, until recently, resisted adding TOTP secrets to 1Password because it violated my conception of separate factors. I have since given up this position, since my emergency recovery codes are already in 1Password, so the TOTP authorizer app isn't necessary when performing an attack. If somebody gets into my 1Password vault, the game is over.
To enjoy the significant benefits that come from having TOTP in 1Password, I want to transfer all 72 secrets. I have tried multiple exfiltration methods. One method is to copy the secret in Base32 out of OTP Auth for Mac. Unfortunately, the Catalyst app is buggy as hell and the context menu fails to activate and present the copy option. This is not 1Password's fault, but it does mean that I can't use the least error-prone method.
The other method for extracting secrets is to have OTP Auth for Mac show the QR code as an image. I assumed that 1Password for Mac would be able to tap into the displayed pixels and grab the currently visible image inside OTP Auth for Mac. These are the things I have tried:
* Display QR code in OTP Auth Catalyst app, then click the "Scan QR code from clipboard or screen" button in 1Password. Result: "QR code detection failed"
* Thinking that perhaps the issue was with an OS secure overlay feature, I grabbed the QR code image content and saved it as a file to display in Preview. Also fail.
* I attempted to copy the image data into the clipboard from Preview. I inspected the clipboard with Keyboard Maestro to verify the content existed. Still, no import to 1Password.
* I opened the saved QR code image in Google® Chrome® with the 1Password extension activated, thinking that perhaps the expected customer use case is to import an image from some web page leveraging the extension's ability to inspect the DOM and media. Nope.
* I opened the target website and injected an image tag into the page to load my saved QR code, thinking that perhaps 1Password would perform a document.location.origin match on the record being edited in 1Password, because, let's be honest, that's the sort of over-engineering I would subject my customers to. Still nope.The application log is splattered with lines like this:
WARN 2023-02-03T08:08:45.492 op_executor:invocation_loop(ThreadId(17)) [1P:op-app/src/app/backend.rs:220] operation blocking event loop invoke Invocation(External(ProcessQrCode(<QrCodeProcessRequest>))) took more than 50 ms (70 ms)
I'm running macOS 13.1 22C65 on a Mac Studio. The 1Password for Mac 8.9.15 (80915001) application has been granted Privacy & Security permission for the following:
* Location Services
* Camera
* Accessibility
* Screen RecordingI will note that running 1Password on iOS and aiming my phone's camera at my ridiculous Apple Studio Display to import what OTP Auth for Mac is showing works flawlessly. It's just not the procedure I was hoping to use.
I'm on the production release channel. I am willing to switch to beta, but haven't yet.
- andrew_l_1P
1Password Team
Thanks @geekneck, I can confirm we've received your email. Apologies on behalf of Bitbot 😅
We'll take a look at the diagnostic report you attached and reply to you there as soon as possible!
ref: CYR-51199-537
- Former Member
1P_Dave I sent another email without the attachment and still no response. Maybe because my email address has dots in the username?