Closed
Bug 1060698
Opened 10 years ago
Closed 7 years ago
[E-Mail] Gmail Account's 2-Step Authorization prevents user login and displays misleading error message
Categories
(Firefox OS Graveyard :: Gaia::E-Mail, defect)
Tracking
(b2g-v2.0 affected, b2g-v2.1 unaffected, b2g-v2.2 unaffected)
RESOLVED
WONTFIX
Tracking | Status | |
---|---|---|
b2g-v2.0 | --- | affected |
b2g-v2.1 | --- | unaffected |
b2g-v2.2 | --- | unaffected |
People
(Reporter: onelson, Unassigned, Mentored)
References
Details
Attachments
(2 files)
Description:
With Gmail's implementation of a 2-Step Authentication login, users will observe the inability to login with their gmail accounts via the Gaia Email app (provided their account has 2-Step Login Enabled).
[2-Step Login = Enabled]
Upon attempting to login with their email's native password, users will encounter an error informing them that:
"You must use an application specific password for two-factor Gmail accounts"
When a user then attempts to utilize an application specific password (8 digit codes generated within their gmail account [accessed via a separate browser/verified-device], they will then encounter a different error:
"Invalid username or password. Check for typos."
This blocks the user from accessing their gmail accounts as a separate (unknown) issue is now preventing the user from logging in. Any authorized (unused) code should progress them into their gmail at this step.
[2-Step Authorization = Disabled]
If the user were to disable 2-Step authorization, they will be able to sign in with their gmail accounts with no problem with their native password.
-------------------------------------------------------------
Repro Steps:
Prerequisite: Gmail account with 2-Step Authorization Enabled.
1. Open 'E-Mail' app.
2. Add new account: name, email address of qualifid gmail account, native password.
3. Observe first error message:
"You must use an application specific password for two-factor Gmail accounts"
4. Change password to authorized & unused code from Google for seperate Applications (accessed via Account > Security > 2-Step Verification: Settings > "Show backup codes."
5. Attempt to login.
6. Observe second error message:
"Invalid username or password. Check for typos."
Actual Results:
User receives appropriate error for attempting login with native password on 2-Step Verification enabled account; user encounters error when attempting login with authorized code for 2-Step from their account security page, preventing access.
Expected Results:
User receives appropriate error for attempting login with native password on 2-Step Verification enabled account; user logs in successfully to account with authorized code for 2-Step from their account security page.
Reporter | ||
Comment 1•10 years ago
|
||
Tested only against flame 2.1 [319mb] device:
Environmental Variables:
Device: Flame Master (319mb)
Build ID: 20140829040202
Gaia: 007f3c50cf69f044628a23c2376c6d88aa45f617
Gecko: d697d649c765
Version: 34.0a1 (Master)
Firmware Version: v123
User Agent: Mozilla/5.0 (Mobile; rv:34.0) Gecko/34.0 Firefox/34.0
Blocks: 1059100
QA Whiteboard: [QAnalyst-Triage?]
status-b2g-v2.1:
--- → affected
Flags: needinfo?(ktucker)
Reporter | ||
Comment 2•10 years ago
|
||
Including second log file of misleading error messaged received from attempting to login to email via authorized codes from Google.
Comment 3•10 years ago
|
||
Application-specific passwords are 16-character alphanumeric sequences. Based on the second half of coment zero, it sounds like you are trying to use backup codes in place of an application specific password which definitely won't work.
Please see https://support.google.com/mail/answer/1173270?hl=en for the details on how to do the application-specific password thing.
Having said that, it's clear that we want to actually be linking to that page directly rather than depending on the user to be accomplished at creating application-specific passwords or being proficient at searching for the support page, since it is fairly complicated.
Although, we also just want to use XOAuth2, and we're planning to do that in bug 1059100. When we fix that, we will no longer experience this problem, etc. We're also thinking about some uplift mitigations, so it may be that we'll track this bug's fixed status on older branches, etc. based on the mitigation.
So we should leave this open for now, I think.
Comment 4•10 years ago
|
||
Can you please branch check this?
status-b2g-v2.1:
affected → ---
Flags: needinfo?(ktucker) → needinfo?(onelson)
Comment 5•10 years ago
|
||
Adding QAWanted for Comment 4 and to verify this still occurs now that bug 1059100 is fixed.
Comment 6•10 years ago
|
||
Branch Check
Issue DOES NOT occur in Flame 2.2, 2.1 (nightly), 2.1, Open_C 2.2
Note: The fix from bug 1059100 seems to have landed correctly in these working builds (2.2, 2.1).
Device: Flame Master
Build ID: 20140923141844
Gaia: 37b8a812c642ca616bf9457cb9b71e45261cdfa8
Gecko: 9472206fdd12
Version: 35.0a1 (Master)
Firmware Version: v180
User Agent: Mozilla/5.0 (Mobile; rv:35.0) Gecko/35.0 Firefox/35.0
--------------------------------------------------------------
Device: Flame 2.1 (nightly)
Build ID: 20140924063013
Gaia: 020e6283a033e8fbcf65e7ed81c5b75ba0095f22
Gecko: d6b762814638
Version: 34.0a2 (Master)
Firmware Version: v180
User Agent: Mozilla/5.0 (Mobile; rv:34.0) Gecko/34.0 Firefox/34.0
--------------------------------------------------------------
Device: Flame 2.1
Build ID: 20140924002556
Gaia: 700f481fca40ef8ea0a3aad4ff109c0c62eb6bac
Gecko: 26ee4bed7952
Version: 34.0a2
Firmware Version: v180
User Agent: Mozilla/5.0 (Mobile; rv:34.0) Gecko/34.0 Firefox/34.0
--------------------------------------------------------------
Device: Open_C Master
Build ID: 20140923065343
Gaia: 37b8a812c642ca616bf9457cb9b71e45261cdfa8
Gecko: 9e193395b912
Version: 35.0a1 (Master)
Firmware Version: P821A10V1.0.0B06_LOG_DL
User Agent: Mozilla/5.0 (Mobile; rv:35.0) Gecko/35.0 Firefox/35.0
--------------------------------------------------------------
--------------------------------------------------------------
Issue DOES occur in Flame 2.0 and 2.0 base image.
Device: Flame 2.0 Base Image
Build ID: 20140904160718
Gaia: 506da297098326c671523707caae6eaba7e718da
Gecko: 2b27becae85092d46bfadcd4fb5605e82e1e1093
Version: 32.0 (2.0)
Firmware Version: L1TC10011800
User Agent: Mozilla/5.0 (Mobile; rv:32.0) Gecko/32.0 Firefox/32.0
--------------------------------------------------------------
Device: Flame 2.0
Build ID: 20140923195101
Gaia: 263e3b201dca967ec5346e35901aa981ca47dce7
Gecko: 35d791e16d31
Version: 32.0 (2.0)
Firmware Version: v180
User Agent: Mozilla/5.0 (Mobile; rv:32.0) Gecko/32.0 Firefox/32.0
QA Whiteboard: [QAnalyst-Triage?]
status-b2g-v2.0:
--- → affected
status-b2g-v2.1:
--- → unaffected
status-b2g-v2.2:
--- → unaffected
Flags: needinfo?(jmitchell)
Keywords: qawanted
QA Contact: ddixon
Updated•10 years ago
|
QA Whiteboard: [QAnalyst-Triage?] → [QAnalyst-Triage+]
Flags: needinfo?(jmitchell)
Comment 7•7 years ago
|
||
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•