FreeOTP ignores a critical known issue with backup and restore

The app currently has a backup feature, but it’s not possible to restore from the backup, and some of them seem to even be corrupt. There’s no response at all from the maintainers and no effort in making sure that new users know that they can’t trust the backups.

I believe something must be done by F-Droid, either having an anti-feature or completely removing the app, considering how serious this issue is - users may lose access to their accounts.

See if this helps:

Thanks for the help but I could find my recovery key. I just hope some sort of warning is added to FreeOTP’s page for their failure in dealing with this issue for months, so that less people get to have problems with it.

Can this bug be reproduced with only one phone?

I tried right now and couldn’t, so I guess it’s something related to the format of the backup being dependent on the phone architecture or android version

This is a case with FreeOTP & FreeOTP+ as well on A13, A14 Vivo, OP, and LG Wing as well (A11)

What’s the last working version?

in my testing the plus app one worked fine, even when authenticate was ON

3 versions back. On one Infinix it works oob. On my own Vivo it will only work if it is 3 versions old. On my old OP5, it works on LOS flawlessly, but on any other OS it does not work properly.

which apps exactly, both original and plus? with or without authenticate?

Both of them. With authentication works perfectly on Infinix and as stated above.

1 Like

So we need to add a note to the Description? “check backup first”

might be related? Import file does not work · Issue #273 · helloworld1/FreeOTPPlus · GitHub

Can’t it be considered into the “Known Vulnerability” anti-feature? It’s not exactly a “security” issue, but it may cause damage anyway

1 Like

No progress?

open a MR to add a description note maybe?

I thought this was the place for this kind of request. Where can I open a “MR”?

on Gitlab…

can we get a recheck of dev answers first? they know? they care?

It seems like there’s been no activity from the maintainers for around two months

added note: freeotp - add note (62b17d6e) · Commits · F-Droid / Data · GitLab

and: freeotpplus - add note, override fastlane (1942b64a) · Commits · F-Droid / Data · GitLab