raivo-otp / ios-application Goto Github PK

Is your feature request related to a problem? Please describe.
Some have multiple iCloud account. Since the account email is not shown in the Settings, I have to check if the right iCloud account is synced to.

Describe the solution you'd like
Instead of Personal iCloud, it should show the email of the iCloud account connected.

Describe alternatives you've considered
Another way is to show the email when Personal iCloud is tapped on and allow users to go to the relevant iOS setting page.

PS: I am a UX designer. Please don't hesitate if you need a simple prototype. I can provide them if you provide me access to your design files.

This OTP application is fantastic clean, and well designed. I would like to take a moment to say thank you for developing this application. One thing that would be extraordinary if the app had iPad OS and Apple Watch support.

Thank you once again!

Option to hide/show icons? Thank you.

During first startup a "Encryption Password" is asked.
This Password is only asked once instead of two times two insure there are no typos.

Hi i tried to send my encrypted database per mail (what is used to send the mail?) and i didn't receive an email even though i send it out multiple times?

Also what does the second number in grey mean? I assumed it was the next code after the active one but the next code if completely different?

Also i mistyped my pin code once and it told me 5 tries left? Is everything deleted afterwards?

I like the app and switched from Authy for it but i hope the app is secure and sound!

Hi,

Thanks for this great app! Would it be possible for native iPad support?

Kind regards

I just deleted an OTP and I noticed that, after deletion, you can't undo this and the OTP is deleted permanently. Maybe you could implement an option where you would be able to retrieve it for x hours after deletion like Authy. Or archive it for x hours/days. It's not like it's insecure to keep an (old) OTP a little longer. ;)

I also think you can prevent a lot of accidentally deleted OTP's by explaining that deleting them is permanent and prevents access your account.

I really love Raivo and I switched from Authy after a couple of hours already. Of course I’ll keep Authy as backup for a couple of weeks but I’m really confident that Raivo will eventually replace Authy. Keep 'm going! :)

I use Authy now. Private and business wise.
The two thing I like about Authy is:

• synchronizing
• available on ios and Windows
  That way I can copy the 2FA code in the Windows browser, while scanning QR codes with my phone.

I like your tool very much, but have to continue using Authy as long as Raivo cannot sync or is on Windows.

Will you make this possible?

• kurdy (NL)

If i look at the screenshots, I see synchronization with iCloud. But I can't enable it.
And i don't see an option to enable it.
Any idea?

Is your feature request related to a problem? Please describe.
I feel like it would be better for security if the stock iOS keyboard was used throughout the app (e.g. the Secret/Seed textfield).

Describe the solution you'd like
Forcing stock keyboard (like iOS does when typing in a password etc.)

The searchbox at the top is not shown by default, only when I slide the screen or click the search button at the bottom.

As the title says, apple watch support would be amazing since a lot of iphone users are hooked to the apple ecosystem and use an apple watch as an addition to their phone.
Plus, there is a growing number of people acquiring Apple Watches and the upcoming one is already making a lot of noise because there will be even more health related features packed into it that will make a lot of people to buy one.

Is your feature request related to a problem? Please describe.
My problem is that I see an option to export the data but I cannot import them (which would come in handy e.g. when migrating to a new phone).

Describe the solution you'd like
An option to import the exported data. Something like "Import OTPs from ZIP archive" or whatever would work.

Describe alternatives you've considered
Using the sync option but I don't want to store sensitive 2FA data in the cloud. Also I don't even know if this feature would solve my problem as I have (obviously) never used it.

Additional context
This feature might also be compatible with other 2FA apps that have an option to import & export 2FA data.

This is about discussing the current state of the code.
I would like to discuss about the current implementation of the code and, if possible, have a better understanding of what's going on. I may be wrong or have a wrong understanding of the code, this is why I'm opening this.

☁️ On iCloud data encryption

Context:

The data that is sent to CloudKit is AES-256 encrypted using your encryption key. Your encryption key (that was defined during setup) is stored in Secure Enclave.

The Security Policy is stating that when using Apple iCloud the data that is sent is encrypted using our encryption key. From my logic, if the data sent is encrypted using our encryption key (exactly like our local data), it should not be decrypted when it's leaving the app.

Observation:
If I'm looking at the code, it seems like the data that is sent to CloudKit is decrypted.

Line of code where the secret is re-encrypted retrieved from the cloud:

Line of code where the secret is decrypted before beign sent to the cloud:

Do I have a misunderstanding of how CloudKit works? Why our local data, which is already encrypted in it's current state is decrypted before being sent to CloudKit? I have deduced that the data is decrypted before being re-encrypted by CloudKit and not by the app. In this case, what's the Situation used?

📱 On device data encryption

Context:
This is more about what Raivo-OTP should use for best security. For more information on these protections and what they offer, I encourage reading this report from security researchers at Johns Hopkins University that details limitations of encryption and the type of encryption available for applications to use. It explains how the decryption keys of the application is handled and when it's decrypted.

Observation:
Without stating the entire report, it made me aware that the vast majority of apps available are using "Protected Until First User Authentication (a.k.a. After First Unlock) (AFU)" where the encryption keys are decrypted into memory when the user first enters the device passcode after a reboot, and remain in memory even if the device is locked. This practice used by Raivo OTP is sensible to attacks since everybody, I assume, reboot their phones only rarely and the phones are carried in a locked-but-authenticated state. Since Raivo OTP does not select a different protection class, it uses the default class (Protected Until First User Authentication).

Question:
For this type of protection, which Data Protection class Raivo-OTP app is currently using?

Is it possible to use the best protection available (Class A: Complete Protection, data are evicted shortly after device lock - 10 seconds)? Since the app does not need to be running in the background (the sync with icloud could only happen when the app is actively open), this level of security should not affect user experience and would give the maximum protection for the user.

Thanks for all your good work! 👍

Hello,

First, thank you very much for your amazing work ! Really, thank you to provide open source apps on iOS !

I have a request, can you add in a future update 2 icons ?

• OVH.com
• Kaspersky

Thank you :)

There are currently implementations for biometrics and 6-digit passcode authentication, and they seem to work great.

To help provide users with more freedom in customizing their security level, alphanumeric passcodes would be a great idea. It would be the next logical progression in securing users' devices, and it is also frequently a feature for other apps that lock themselves behind passcodes/biometrics.

Would this take long to implement? Other TOTP providers that offer similar authentication already seem to allow alphanumeric passcodes, but not sure how easy those are to implement compared to numerical passcodes.

It is possible to import your specific secret code from the Steam Authenticator app to allow centralisation of all 2FA codes, however at this time Raivo OTP does not support 5 digit codes. I am unsure if simply allowing a 5 digit code would generate an alpha-numeric code in steams format, or if that would have to be explicitly supported.
Adding this feature would increase the versatility of the app.

The search function is great but I think it would be a nice addition to be able to organize the OTPs. With this option I would prioritize them from most frequently used to least frequently used. For the OTP's that I use less frequently I would use the search function.

An option would be something like this:

When searching for a non-excisting icon causes a white area in dark mode, see GIF below:

• Device: iPhone XS
• OS: 13.0
• Version 1.0.2 (13)

Describe the bug

Was evaluating Raivo OTP. I added a bunch of fake entries, deleted a bunch and later tried an export. The raivo-otp-export.html seems to have the current list of accounts that I see in the app interface. The raivo-otp-export.json seems to also include the entries I had deleted.

To Reproduce
Steps to reproduce the behavior:

• Start the app from a blank state, no synchronization.
• Add some entries, delete some
• Export the zip and email to yourself.
• Examine the files in the export ZIP .

Expected behavior

I am not entirely sure what to expect here, since I am a new to this application and evaluating it.. Having the deleted entries in the JSON could be potentially useful to people, though it might be more useful if the JSON included a field mentioning that the entry was deleted and when.

I included the contents of an export files here.

• https://gist.github.com/zoredache/4f645cd2050295ed0c0be7906775f8d9

Smartphone (please complete the following information):

• Device: iPad Pro 2nd Gen
• OS: 14.5.1

Conclusion

Anyway I am not sure if this is a bug or what you would want to change here. Just adding this issue since the results were not what I would have expected.

Describe the bug
The exported HTML page with OTP secrets is vulnerable to cross-site scripting (XSS). A specially crafted image can be used to execute code and potentially leak other OTP secrets via the export file.

A specially crafted issuer name such as {{secret}} can also be used to inject values in the wrong places. The info leak impact of this is somewhat limited as the available values are those from a single entry. However by chaining fields, one can cause excessive expansion and memory consumption, similar to the Billion laughs attack. Consider for example issuer {{account}}{{account}}..., account {{secret}}{{secret}}..., and so on which will result in exponential expansion. This is not exploited below however.

To Reproduce
Steps to reproduce the behavior:

1. Add a new OTP with XSS patterns in any of its fields, e.g. otpauth://totp/xx%3Cscript%3Ealert(/xss/)%3C/script%3E?algorithm=SHA1&digits=6&issuer=%3CI%3Exss%3C/i%3E%7B%7Bdigits%7D%7D&period=30&secret=DUMMY
   
2. Go to 'Settings'
3. Click on 'Export OTPs to ZIP archive'
4. Save to Files
5. Open Files, enter encryption password, open the raivo-otp-export.html file.

Expected behavior
The data should be displayed as-is, with proper HTML escaping if needed.

Inputs should be validated. While the secret field happens to be validated against Base-32 when scanning the QR code, one can still manually enter invalid characters. The above QR code uses DUMMY for this reason, if I manually enter <u>lol{{kind}}</u>&deg;%c1x#x it will result in an invalid URL where the & is not escaped and #... is dropped.

Smartphone (please complete the following information):

• Device: iPhone13,3
• OS: iOS 14.2.1
• Version 1.1.10 (build-29)

Additional context

The HTML representation is insecurely generated. It should not use plain text.replacingOccurrences calls as that results in confusion between parameter placeholders such as {{secret}} in the template, and parameter values such as Evil issuer: {{secret}} in the issuer field.

The secret should be URL encoded just to be sure, or sanitized/validated before use to avoid URL injection:
https://github.com/raivo-otp/ios-application/blob/master/Raivo/Features/DataExportFeature.swift#L120-L123

I would also recommend including <meta name="robots" content="noindex,nofollow"> to avoid well-behaved crawlers from exposing accidentally exposing exported secrets.

And maybe hide the seed and QR code by default and require pressing a button to unhide it. This can be done with just CSS.

Looks like the cert recently expired. https://tij.me/blog/migrating-your-one-time-passwords-from-authy-to-raivo-otp/

Is your feature request related to a problem? Please describe.
I'm always frustrated when I have to tap on the link to use biometric login.

Describe the solution you'd like
There should be an option to use a certain method as default. Specifically, in the settings whete TouchID unlock is on, another option appears that says something like "Make default".

Describe the bug
The storage provider page would not finish loading.

To Reproduce
Steps to reproduce the behavior:

1. Open the App
2. Click on continue
3. See error

Expected behavior
The app will finish loading

Screenshots

Smartphone (please complete the following information):

• Device: iPhone 12
• OS: iOS
• Version 14.6

Additional context
Add any other context about the problem here.

https://i.imgur.com/bRjLiXP.jpg

• Device: iPhone 7 Plus
• OS: iOS 13 developer beta 5
• Version: 0.0.10 build 10

I would like to sync Raivo with my iCloud, however I am unable to do so. In settings, it says "Synchronization is currently disabled" with both Account and Provider saying "offline".

When I open the APP, the default unlock method is to enter the unlock passcode,please change to unlock with touchID or FaceID by default.

Hi!
Could it be possible in the future to change the encryption password after setting up the app?
Thanks!

Show sync status in settings, such as time, iCloud account, etc.

Is your feature request related to a problem? Please describe.

Not really an ongoing problem but rather a QoL and a bit of enhanced privacy addition if you will.
This would be an opt-in option so as to not bother other users who may not want to make an extra click/press.

Describe the solution you'd like

1. So, on the homepage where the tokens are listed, instead of all of them immediately being shown at once, there would be another visual filter that will hide the numbers first unless clicked/tapped/selected. Kinda like this:
   

2. After tapping on the account you need, it will then show you your code/s and "highlight" your selection as well.
   

Describe alternatives you've considered

Unless I was too blind to see these options in the Settings, I apologise.

Additional context

I also use Aegis for my Android devices and this is where I got the idea from. Hope you could look into it since I think it can also help with looking at which token is the correct one easily, particularly on services with multiple accounts listed. Thanks for the awesome work!

Describe the bug
Opening the app, the backup option is cutoff and you cannot scroll to see more.
EDIT: Found out it is how the font size in iPhone works, so maybe the dynamic sizing of the font or app isn't set right. Smaller font size makes it fit better.

To Reproduce
Steps to reproduce the behavior:

1. Open App for first time, welcome screen
2. Click on Continue
3. Screen is cutoff on storage providers
4. See screenshot

Expected behavior
Should be able to see what is available or not.

Screenshots

Smartphone (please complete the following information):

• Device: Iphone X
• OS: iOS
• Version 14.4.2

Additional context
Add any other context about the problem here.

For easier import, it would be great if the otpauth:// URL could be supported.

Some other open source iOS 2FA apps do support it:
https://github.com/mattrubin/Authenticator
https://github.com/calleerlandsson/tofu

iPhone 8, iOS 14.6, Raivo 1.1.16

Exporting a zip to iCloud or local storage works but the process never finishes visually (the spinner on the "Export" button at the bottom of the screen never stops, which is quite confusing because you don't get feedback that the Export has, in fact, finished).

The zip seems to be exported correctly nevertheless.

https://i.imgur.com/k29XXk2.jpg

The Google Authenticator app on iOS and Android provides the option to export the accounts via a QR code. You can export the account from 1 up to 5 simultanious accounts. This export method would greatly simplify moving from Google Authenticator to Raivo OTP.

https://support.google.com/accounts/answer/1066447?hl=en&co=GENIE.Platform=Android#zippy=%2Ctransfer-authenticator-codes-to-a-new-android-phone

Describe the bug
Description says 'Optional FaceID or TouchID unlock. However, on iPhone XS the only option I have is to enable TouchID. Selecting this option asks for the iPhone PIN with iPhone XS. Deselecting does not provide an option for FaceID.

To Reproduce
Steps to reproduce the behavior:

1. Go to 'Settings'
2. FaceID option is missing

Expected behavior
The option for FaceID or TouchID should be relevant to the device which the application is running on. Devices that do not posses TouchID should not have the option, and vice-versa with FaceID.

https://developer.apple.com/documentation/localauthentication/logging_a_user_into_your_app_with_face_id_or_touch_id

Screenshots

Smartphone (please complete the following information):

• Device: iPhone XS
• OS: iOS 12.4
• Version: Raivo 0.0.10

Describe the solution you'd like
Please add an Option to Edit/Change Icons after the creation of a new entry.

Describe the bug
If you choose offline during initial setup and then later want to add synchronization you cannot. Maybe this is a design choice but I don't see any documentation so figured I'd bring it up.

To Reproduce
Steps to reproduce the behavior:

1. Go through initial setup and choose offline for syncing
2. Go to settings->synchronization
3. The options for synchronization are greyed out and not select-able

Expected behavior
The option to add your iCloud for synchronization post setup.

Smartphone (please complete the following information):

• Device: XS Max
• OS: 14.3
• Version: Raivo v1.1.10

Describe the bug
I find impossible to download icons from the repository, I always get this error: "Update Failed - An SSL error has occurred and a secure connection to the server cannot be made."
I tried with WiFi, data connection or vpn and I get always the same error.

Screenshots

Smartphone (please complete the following information):

• Device: iPhone XS
• OS: 13.6
• Version 1.1.10 (build-29)

Love the app just wish there was an option to save the backup files locally to the files app or iCloud rather than exporting by email?

Had ago at trying to copy and save the zip from the generated email but IOS wouldn’t permit it :(

The README.md contains a link to a manual on how to switch from Authy to Raivo. Unfortunately, the solution requires Google Chrome (I don't want to install or use Google software) and the Authy Chrome Extension, which has been EOL for quite some time now.

Therefore, I'd like to ask if there is a different and up-to-date way to migrate from Authy to Raivo. It would be great if that solution would replace the info in README.md.

Is your feature request related to a problem? Please describe.
Currently we have 3 backup/sync options:

• none
• iCloud
• local backup (coming soon)

It would be nice to have and option to backup/restore from a self-hosted server.

Describe the solution you'd like
An option to backup/sync to a self-hosted or other server

Describe alternatives you've considered
Local backup when it is available but that seems like a manual process to store on a server i control.

Font feature, if possible to make the font of the items in smaller sizes.

Is your feature request related to a problem? Please describe.
I'm always frustrated when I have to find and open the app, authorize myself and wait for the codes to show up in order to use them.

Describe the solution you'd like
Widget with 2FA codes (in Notification Center or so)

Describe alternatives you've considered
Somehow speed up the authorization and animation but it would still not be as convenient as a widget.

Additional context
I know this might cost some security but it would be optional (might even have a toggle inside the app that makes the widget visible/invisible or something like that).

Describe the bug
After Update to iOS 13 the App behaves as it is started for the first time. Including loss of all data.

To Reproduce
Steps to reproduce the behavior:

1. Use RaivoOTP
2. Update OS to iOS 13
3. Open RaivoOTP
4. See Title

Expected behavior
The state before the Update should be shown.

Smartphone (please complete the following information):

• Device: iPhone 7
• OS: 13.0

Is your feature request related to a problem? Please describe.
Just as the title states, a dark mode! Especially for the OLED iPhones.

Is your feature request related to a problem? Please describe.
I hope you can add these cloud logo icons, thank you

Describe the solution you'd like
1password's logo
Nutscloud‘s logo

Is your feature request related to a problem? Please describe.
When switching between apps the list of 2FA codes should not be visible.

Describe the solution you'd like
Similar to all banking apps or password manages, when switching apps the screen should be blanked so that the 2FA codes can’t be seen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

I think the guide on how to migrate from Authy to Raivo OTP could be a little bit more extensive to prevent users to become frustrated because they can't find some little things. :) Some screenshots could be a nice addition.

1. Install Authy from the Chrome Web Store (link).
2. Open the Authy extension and sign in (make sure that the OTPs are visible)
   You could add a explanation that the user need to decrypt the 2FA codes by clicking on one and entering their password. Otherwise the OTP's won't be visible.
3. Go to the extensions page in Chrome (chrome://extensions/ or Menu > More tools > Extensions)
4. Enable developer mode in the top right corner
5. Find Authy from the list and then click on main.html
   You could add that you need to click on the extension to find the main.html file.
6. The Chrome developer console should now open.
7. Paste the JavaScript (at the bottom of this page) into your console.
8. You’ll now see QR-codes that you’ll be able to scan using Raivo OTP!
9. When done, close the developer tools, disable developer mode, and uninstall the Authy extension.

I now notice that the guide isn’t mentioned on this Github page or wiki. I think the guide makes it a lot easier to switch to or test Raivo OTP so I would definitely mention it somewhere.

It would be nice to have a few more app icon alternatives, much preferably with smaller icon / larger margin.