Airbitz not showing all recovery questions from Questions.json

[greatwolf]

When setting up account recovery questions I notice not all the questions are shown in the drop down selection. Going by the list of questions from https://app.auth.airbitz.co/api/v1/questions, some of the questions not displayed:

"What is your favorite ice cream brand and flavor?" "What city and country would you most like to visit?" "What is your oldest cousin's first and last name?"

plus numerous others.

At first I thought maybe my local Questions.json on the device was out-of-date. But cat'ing out the contents of that file through adb shell shows all the questions are in fact there. After some investigation and debugging, it appears Airbitz is ignoring all questions that have the category "must". If I replace all instances of "must" with "string" and adb push'ing that change back, then Airbitz finally displays all those questions.

Is this a known issue? Is this the intended behavior?

I experienced this problem while running:

• Oneplus One running CyanogenMod 12.1 (Lollipop 5.1.1)
• Airbitz 1.4.9

[swansontec]

It's funny you should report this, because I was just looking at this code last night, and something seemed weird about it. I'll see if anybody remembers why we have it set up this way.

[greatwolf]

They didn't happen to leave any comment in the code somewhere?

[teneighty]

This is a bug. Android is not including the "must" category of recovery questions. In order to make answering the questions more difficult for an attacker, we require questions to be answered in each group. The "must" group was added later and not added to Android.

Thanks for the report. We will have this fixed in the next release.