Restore password?

[neutronscott]

I don't recall setting or being asked for a password for FreeOTP. I created a backup, and now want to restore. What's the password?

I think it would be best to confirm or set the password during the backup operation.

[jwpemail]

When you first install FreeOTP it asks for a password and instructs the user to retain and remember the password because it will be needed to restore any future backup.

[WebSnke]

When you first install FreeOTP it asks for a password and instructs the user to retain and remember the password because it will be needed to restore any future backup.

@neutronscott Yep, there is no way that FreeOTP didn't ask you for a password. You should try to restore your 2FA accounts through the backup codes that you were supposed to write down when you enabled 2FA.

[neutronscott]

I've been using it for years. It was restored. This is merely a request to make the UX better.

[WebSnke]

I've been using it for years. It was restored. This is merely a request to make the UX better.

Ok, now I get it. You suggest having to enter your password a second time when setting it up, right?

[neutronscott]

Yes. A reminder. One may blindly export and with a false sense of confidence factory reset their phone only to realize their fault when restoring.

[Profpatsch]

Wow, I’ve just been bit by this. This is horrible UX! These keys are some of the most important pieces of data, being able to export them without hidden traps is absolutely vital.

Unless this is fixed soon, I won’t be recommending this app anymore and switch to a different OTP store.

[justin-stephenson]

@neutronscott @Profpatsch Will requesting confirmation of the backup password at the time of creating the backup be enough to address this issue?

[neutronscott]

I think that's sufficient. Bonus if can be reset.

[VincentSC]

I really don't like these "blame the user" answers here. :(

[neutronscott]

Well, maybe it's time to try writing java. I'm sure the team would welcome a PR.

[VincentSC]

If there is a roadmap for the general design I believe in, then there are several recruiters that believe my Java skills are till there. I already looked and I think I could even do it. :)

In case there is no roadmap, should I make a PR for that first?

[joggee-fr]

@VincentSC, it seems PRs are very welcome here. Feel free to add one for this topic.

[emptyhead]

Just to add to this. If there's not an important technical reason to have the password set up during installation, setting up at the point of backup would be a much better experience. Password is then fresh in user's mind and it also means they'll understand that a password will be needed to restore the backup.