google / google-authenticator

Open source version of Google Authenticator (except the Android app)
Apache License 2.0

Wrongly Deleting Sites #668

Open marbiru opened 5 years ago

marbiru commented 5 years ago

On the Google Authenticator iPhone app, I tried to delete my login for one site (let's say Facebook) and it initially didn't disappear. So I tried to delete it again, after which not only had that login disappeared but also another login for another site (let's say Amazon) was gone too. This got me locked out of Amazon.

I know there's no way to prove this but I promise I didn't accidentally delete the Amazon login the second time. The fact that it then disappeared makes me think that somehow the ids of the different logins are getting reassigned after a login is deleted, which (in a case like this where for some reason there was a delay in the first login being removed from my screen) made it possible for me to delete a login named "Facebook" and cause my Amazon login to disappear instead.

It goes without saying but given the nature of GA this seems like a critical bug -- it could (and did) get me completely locked out of a service I was using (Amazon) because I was suddenly left without the 2FA code I needed to log in.

MrPickles commented 5 years ago

This is for the current app store version of Authenticator, right? Do you know of any way to reliably reproduce this bug? Unfortunately, there's not much anybody can do to investigate or fix this unless the bug is reproducible.

marbiru commented 5 years ago

Does this work?

Steps to reproduce:

  1. Use GA on iPhone
  2. Have multiple logins listed (let's say Google, Amazon, Facebook)
  3. Delete the last login (Facebook)
  4. Before the app has fully refreshed/updated and removed the Facebook login from your screen, delete the same login again
  5. After app has processed this, instead of just deleting the Facebook login (and throwing an error the second time around), it will have deleted both the Facebook and Amazon logins (i.e. the last and second-last login in your list of logins).
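The double delete in the steps above behaves as if delete requests were addressed by screen row rather than by a stable per-account identifier. The Python model below is an added illustration, not code from the google-authenticator project (its iOS app is not written in Python); the clamped positional delete is an assumed mechanism that reproduces the reported symptom, not a claim about the app's actual implementation, and the sample accounts and ids are constructed placeholders.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Account:
    issuer: str      # label shown in the list, e.g. "Amazon"
    account_id: str  # stable identifier that is never reused after deletion


def delete_by_row(accounts, row):
    """Assumed buggy strategy: delete whatever sits at the screen row the user
    tapped. The row was computed from the list as last drawn, so it can be
    stale; clamping it to the current bounds hides that and removes a neighbour."""
    if not accounts:
        return accounts
    row = min(row, len(accounts) - 1)
    return accounts[:row] + accounts[row + 1:]


def delete_by_id(accounts, account_id):
    """Safe strategy: key the request on a stable identifier. Repeating it for
    an account that is already gone is a no-op and cannot hit another entry."""
    return [a for a in accounts if a.account_id != account_id]


def delete_by_row_checked(accounts, row, expected_id):
    """Defensive variant for code that must keep positional requests: refuse
    unless the row still holds the account the user thought they were deleting."""
    if row >= len(accounts) or accounts[row].account_id != expected_id:
        raise LookupError("row no longer matches the selected account; refresh the list")
    return accounts[:row] + accounts[row + 1:]


def replay_double_delete(accounts, target_issuer):
    """Reproduce the issue's steps: act twice on the same on-screen row before
    the list is redrawn. Returns the surviving issuers under both strategies."""
    row = next(i for i, a in enumerate(accounts) if a.issuer == target_issuer)
    target_id = accounts[row].account_id
    by_row = delete_by_row(delete_by_row(accounts, row), row)
    by_id = delete_by_id(delete_by_id(accounts, target_id), target_id)
    return [a.issuer for a in by_row], [a.issuer for a in by_id]


# Constructed sample list mirroring the report; the ids are placeholders.
SAMPLE = [
    Account("Google", "id-google"),
    Account("Amazon", "id-amazon"),
    Account("Facebook", "id-facebook"),
]
```

Running `replay_double_delete(SAMPLE, "Facebook")` shows the positional strategy leaving only Google (Facebook and Amazon both gone, as reported) while the id-keyed strategy leaves Google and Amazon.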

marbiru commented 5 years ago

I believe @cbjartli had the same issue, perhaps he has more details?