Comments (6)
ThomasHabets
commented on August 17, 2024
Does it not have that? Why do you need it to be manual? It seems that it gets the time drift from Google.
Also, why not just set the system time manually, then?
And I can't speak for the validity window for Google services, but surely the window of acceptable codes is larger than 30 seconds?
from google-authenticator-android.
ocdtrekkie
commented on August 17, 2024
This would be nice as an option, if it got contributed back to the open source. (Noting, of course, that the current Play Store version of Google Authenticator is closed source.)
Part of the reason to allow a manual option to set time drift is in the case of the reason I forked the app: I wanted to remove the INTERNET permission, as I don't think 2FA apps should have the INTERNET permission. (Especially since you no longer have any idea what Google might be sending back and forth with the closed source versions going forward.)
from google-authenticator-android.
ThomasHabets
commented on August 17, 2024
Ah. For the open source app you'll know what is being sent, because you have the source.
But I still don't understand the use case. If you fork the code and remove network sync, then you can also add manual time sync. But this (opensource) version will continue to have internet permissions, so why would it require or even want the user to have to manually sync the time?
And if the time is wrong and requires manual intervention, then why set the time in GA when it can be fixed globally on the device?
In any case, it's not me you have to convince. I'm merely an owner on github, and not an Android developer.
from google-authenticator-android.
baffo32
commented on August 17, 2024
The following patch exposes the time correction as a preference. This resolved my personal issue of having an offline device with a skewed clock.
diff --git a/res/xml/preferences_time_correction.xml b/res/xml/preferences_time_correction.xml
index cd9337d..6e7d60d 100644
--- a/res/xml/preferences_time_correction.xml
+++ b/res/xml/preferences_time_correction.xml
@@ -25,6 +25,11 @@
android:targetClass="com.google.android.apps.authenticator.timesync.SyncNowActivity">
</intent>
</PreferenceScreen>
+ <EditTextPreference
+ android:defaultValue="0"
+ android:inputType="numberSigned"
+ android:key="timeCorrectionMinutes"
+ android:title="Adjustment in minutes" />
<PreferenceScreen
android:key="about"
android:title="@string/timesync_about_feature_preference_title"
diff --git a/src/com/google/android/apps/authenticator/TotpClock.java b/src/com/google/android/apps/authenticator/TotpClock.java
index ee9add4..0b6586c 100644
--- a/src/com/google/android/apps/authenticator/TotpClock.java
+++ b/src/com/google/android/apps/authenticator/TotpClock.java
@@ -26,7 +26,7 @@ import android.preference.PreferenceManager;
*
* @author [email protected] (Alex Klyubin)
*/
-public class TotpClock {
+public class TotpClock implements SharedPreferences.OnSharedPreferenceChangeListener {
// @VisibleForTesting
static final String PREFERENCE_KEY_OFFSET_MINUTES = "timeCorrectionMinutes";
@@ -45,6 +45,7 @@ public class TotpClock {
public TotpClock(Context context) {
mPreferences = PreferenceManager.getDefaultSharedPreferences(context);
+ mPreferences.registerOnSharedPreferenceChangeListener(this);
}
/**
@@ -62,7 +63,11 @@ public class TotpClock {
public int getTimeCorrectionMinutes() {
synchronized (mLock) {
if (mCachedCorrectionMinutes == null) {
- mCachedCorrectionMinutes = mPreferences.getInt(PREFERENCE_KEY_OFFSET_MINUTES, 0);
+ try {
+ mCachedCorrectionMinutes = mPreferences.getInt(PREFERENCE_KEY_OFFSET_MINUTES, 0);
+ } catch(ClassCastException e) {
+ mCachedCorrectionMinutes = Integer.valueOf(mPreferences.getString(PREFERENCE_KEY_OFFSET_MINUTES,"0"));
+ }
}
return mCachedCorrectionMinutes;
}
@@ -80,4 +85,11 @@ public class TotpClock {
mCachedCorrectionMinutes = null;
}
}
+
+ public void onSharedPreferenceChanged(SharedPreferences sharedPreferences, String key) {
+ if (key.equals(PREFERENCE_KEY_OFFSET_MINUTES)) {
+ // Invalidate the cache
+ mCachedCorrectionMinutes = null;
+ }
+ }
}
from google-authenticator-android.
baffo32
commented on August 17, 2024
Sorry, I hadn't seen the new comments.
- Not all devices (mine does not) allow setting the system time.
- The device is not always online. It may be in an area of no service without wifi for an extended period of time, or may be old and damaged. Personally I would like the option of airgapping my device -- if it has a network connection it may be hacked over that network connection and is then no longer a secure token.
from google-authenticator-android.
ThomasHabets
commented on August 17, 2024
Would you mind setting that in a pull request?
from google-authenticator-android.
Related Issues (20)
- Current Google Authenticator Version does not work on Android 2.3.7 HOT 3
- Stable version, compatible with Android 2.3.7?
- Query the function of the specified account HOT 3
- App can't be installed on devices w/o back-facing camera HOT 3
- The problem with data recovery
- Invalid Codes for 3rd Parties HOT 2
- 8digits HOT 1
- Maven library error when building apk
- F-Droid HOT 6
- A problem with hotmail.com Google Accounts "[email protected] like Google Account" do not have the code email to verify HOT 1
- Active search
- Help request - decode otpauth-migration://offline?data= uri HOT 10
- InflateException: Binary XML file line #110 HOT 2
- Consider adding ability to momentarily pause 6-digit code from refreshing while entering it
- Error: Cannot interpret QR code HOT 7
- google authenticator 2fa key value illegal character HOT 6
- Feature Request: Rearrange the order of your accounts
- Support client side encrypted backups and device to device transfers.
- Infinite loading after selecting the account in the dialog for sign in HOT 3
- Archive unmaintained repository HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from google-authenticator-android.