Switching accounts requires repeat login when using 2FA

[rdlugosz]

When switching accounts (via heroku accounts:set foo), if the user has 2-factor authentication in use they will get a Invalid credentials provided message when they next issue a heroku command.

After entering email, password and the current 2FA code the user is able to use heroku as expected.

Note that the set command appears to execute successfully. The error doesn't happen until you try to run any other Heroku command.

[mobilutz]

I think the big "problem" here is, that account:add only adds a username & password. But of course a 2FA accounts needs to validate these informations again and it looks like this validation is not saved by heroku-accounts.

[jughead]

It looks like it now always requires the browser login even if 2FA is disabled: https://devcenter.heroku.com/changelog-items/1530?utm_source=dlvr.it&utm_medium=twitter

[alistairholt]

This is such a painful thing to deal with. I have to do a browser login every time I switch accounts and of course, the browser is guaranteed to already be logged into an account that isn't the one you are trying to authorise and the Heroku auth flow kind of sucks.

[kennethjiang]

The flow to change account has been broken since I upgraded Heroku cli to the version that uses browser to login. Really annoying and painful. Please get it fixed!

[JosephHalter]

+1