app passwords gone?

[jaymzh]

It looks like FB dropped app-passwords (or at least I can't find them in my settings anymore)... This may mean we have to support FB's full 2-factor flow properly. :/ I can no longer login via pidgin.

[tbjorheim]

Hi. I have the same issue. Get error "Invalid username or password (401)" when I try to connect. The app password page is also removed when I check Facebook using webbrowser. :(

A friend is still able to connect using this plugin, but he also doesn't have the app password page when checking Facebook using webbrowser.

I can't find any official information about Facebook has dropped support for app password, and the help page still refers to the app passord page, which no longer exist for me.

Maybe Facebook just has silently removed support for app passwords. That will maybe means the end for this plugin. :((

[jaymzh]

The internal team just confirmed for me they killed App Passwords and that the help page still being there is a mistake.

There's work to make Platform 2-fac stuff work for this plugin here: https://github.com/dequis/purple-facebook/issues/445 - any help would be appreciated.

Note that this project is in search of a new maintainer (https://github.com/dequis/purple-facebook/issues/518)

[john5788]

I am seeing the same things. Without 2FA support, this plugin is dead to me.

I tried disabling 2FA on my account, but it immediately spits me back to re-enabling 2FA again. App passwords were a nice way to get around it, but they were silently removed.

[dequis]

The internal team just confirmed for me they killed App Passwords and that the help page still being there is a mistake.

There's work to make Platform 2-fac stuff work for this plugin here: #445 - any help would be appreciated.

Note that this project is in search of a new maintainer (#518)

I guess I'd be up for applying some changes, given the stuff in that ticket.

[grimmy]

The internal team just confirmed for me they killed App Passwords and that the help page still being there is a mistake.

There's work to make Platform 2-fac stuff work for this plugin here: #445 - any help would be appreciated.

Note that this project is in search of a new maintainer (#518)

~Did they kill the researcher settings too? I can't seem to get the whitehat menu item to show up in messenger on android.~

Nevermind, managed to get it working with a test account.

[jaymzh]

@dequis - I'd be happy to donate to your favorite charity again, if that helps. :)

[grimmy]

Eion was able to get me a capture from ios. Looks somewhat simple. I'll try to get to this as soon as I can.

[boris-petrov]

I just got hit by this too... :( I read the other issue and I'm not sure I understand correctly - is there a way right now to make Pidgin work with FB's two-factor auth?

[jaymzh]

@boris-petrov - yes, you can run the python script, get the token, jam it into accounts.xml and it'll work.

[jaymzh]

@grimmy - any update? Did the python script from the other bug help?

[grimmy]

I've kind of got this working, but there's some issues getting it implemented correctly and going to take me a bit of time to figure out.

[akhepcat]

Using the original, or my mostly-automated hack (https://raw.githubusercontent.com/akhepcat/Miscellaneous/master/pidgin-fb-login-2fa.py) of a script (to grab the necessary auth data) i'm not able as of today to log in with 2FA anymore.

I'm able to retrieve the token correctly, but shutting down pidgin, inserting the new token, and restarting just causes the login process on FB to attempt reauthentication.

Unfortunately, i don't know why, and don't have the skills/exp to look at it and see what's going on.

[procule]

Using the original, or my mostly-automated hack (https://raw.githubusercontent.com/akhepcat/Miscellaneous/master/pidgin-fb-login-2fa.py) of a script (to grab the necessary auth data) i'm not able as of today to log in with 2FA anymore.

I'm able to retrieve the token correctly, but shutting down pidgin, inserting the new token, and restarting just causes the login process on FB to attempt reauthentication.

Unfortunately, i don't know why, and don't have the skills/exp to look at it and see what's going on.

Same thing here :(

[fangfufu]

My old app password stopped working too. :(

[Penaz91]

I had a similar issue where I couldn't log in using the script, remaking the account on pidgin fixed the issue. It seems it's working correctly (at least for me, currently)

[akhepcat]

Tried to remake the account with no success: 1) delete account 2) restart pidgin 3) create new account 4) attempt login 5) quit pidgin 6) run script 7) paste data into accounts.xml 8) start pidgin

And i'm immediately prompted by my phone "a new device requiring 2FA..." to reauthenticate.

[sbstratos79]

Tried to remake the account with no success:

1. delete account
2. restart pidgin
3. create new account
4. attempt login
5. quit pidgin
6. run script
7. paste data into accounts.xml
8. start pidgin

And i'm immediately prompted by my phone "a new device requiring 2FA..." to reauthenticate.

I faced the same issue but after a couple of tries, I noticed that the accounts.xml file was being removed when I exit Pidgin. So I just made all the necessary changes to accounts.xml, copied the contents, closed Pidgin, reloaded accounts.xml, replaced its contents with the modified accounts.xml text and started Pidgin again. This worked for me but I am still facing one issue. Pidgin keeps logging in and out of fb every few minutes. Note that this relogin process doesn't need any manual intervention. It just logs in on its own. But it's very annoying since all the chat windows keep closing when it logs out.

[akhepcat]

I faced the same issue but after a couple of tries, I noticed that the accounts.xml file was being removed when I exit Pidgin. So I just made all the necessary changes to accounts.xml, copied the contents, closed Pidgin, reloaded accounts.xml, replaced its contents with the modified accounts.xml text and started Pidgin again. This worked for me but I am still facing one issue. Pidgin keeps logging in and out of fb every few minutes. Note that this relogin process doesn't need any manual intervention. It just logs in on its own. But it's very annoying since all the chat windows keep closing when it logs out.

@sbstratos79 - see my note over here: it works if you ignore that pop-up! (though i don't know why your accounts.xml would be deleted, that ... seems broken. maybe it's being hidden, or moved somewhere else? I'm on linux, though, and don't use it anywhere else)

https://github.com/dequis/purple-facebook/issues/445#issuecomment-1061266862

[sbstratos79]

I faced the same issue but after a couple of tries, I noticed that the accounts.xml file was being removed when I exit Pidgin. So I just made all the necessary changes to accounts.xml, copied the contents, closed Pidgin, reloaded accounts.xml, replaced its contents with the modified accounts.xml text and started Pidgin again. This worked for me but I am still facing one issue. Pidgin keeps logging in and out of fb every few minutes. Note that this relogin process doesn't need any manual intervention. It just logs in on its own. But it's very annoying since all the chat windows keep closing when it logs out.

@sbstratos79 - see my note over here: it works if you ignore that pop-up! (though i don't know why your accounts.xml would be deleted, that ... seems broken. maybe it's being hidden, or moved somewhere else? I'm on linux, though, and don't use it anywhere else)

#445 (comment)

I have already seen the comment. I didn't interact with the confirmation notification. But I didn't wait for an sms code either since I've disabled sms confirmation. I use Google authenticator and using that code worked for me. But as I said, i keep getting logged out.

[jaymzh]

@akhepcat - I like your enhancements to my script. I've adopted it and sent you a PR with some fixes.

[akhepcat]

@akhepcat - I like your enhancements to my script. I've adopted it and sent you a PR with some fixes.

Already adopted with one cleanup. :-) Thanks!

I've got some other ideas, but calling dbus from python is outside my wheelhouse. For now. Time to do some research, i guess!

[jaymzh]

I've got some other ideas, but calling dbus from python is outside my wheelhouse. For now.

You might want pystemd - my former coworkers maintain it. There's also a straight dbus library.

[akhepcat]

I've got some other ideas, but calling dbus from python is outside my wheelhouse. For now.

You might want pystemd - my former coworkers maintain it. There's also a straight dbus library.

I think i've got the first pass of what I want it to do at startup but i don't have enough skill to use the dbus interface to actually make the changes in the config file while things are running.

https://raw.githubusercontent.com/akhepcat/Miscellaneous/master/pidgin-fb-login-2fa-v2.py is where i'm working on the next-gen version.

[DMJC]

I've forked this on github and redone the build system using Meson, if someone can assist me with libpurple we should be able to get facebook 2fa working in pretty short order. I've been working on getting bitlebee's facebook api code integrated into the codebase.

[jaymzh]

@DMJC - NICE!

Can you make a PR against this repo from your fork, then people can collaborate on it? @dequis offered to give input/guidance to anyone working on it, he just doesn't have the bandwidth to do the work himself.

[DMJC]

I'm going to need assistance/guidance on how they want to integrate this. I kind of took a flamethrower to the repo. Ripped out all of the .hg stuff and wiped out the auto-tools/automake config.. I'm assuming they will probably want to ingest my meson.build script and incrementally remove/clean up?