Security settings change/reset by themselves

[dusrdev]

General Information

• MEGA Version: 5.14.1

• iOS Version(s): iPad OS 14.6

• Devices/Simulators: iPad Pro 11" 2021 - 256GB Wifi+Cell

• Reproducible? (Yes/No): Yes

What happened?

I have mega set up to request verification on entry by form of Face ID, it requires a pin code as a backup anyway. Every so often, on average about every 1.5 days or so, I enter mega and instead of it requesting Face ID, it requests the pin code, after entering it, I immediately check the settings and find out that Face ID is turned off. I switch it on and it works as it should again, until next time that happens. Something is causing the device/app to turn off the setting by itself. No one else has access to my device/app, and I certainly didn't turn it off. This is a very weird bug.

What did you expect to happen?

The settings should stay like I set them to...

[dusrdev]

It appears I have found the exact thing that triggers this change in the settings. When the application is used by itself (launched directly), it is fine. But the moment I use mega from the file menu (As in trying to import files in another app, then browsing to "my ipad" then opening the mega section), then it opens but the setting changes, so the next time I enter mega, doesn't matter from where, I will be required to enter the pin as Face ID is turned off. The issue is clearly "Reproducible"!

[jnavarrom]

Hi @dusrdev ,

We will take a look at this issue.

Thanks for reporting.

[jnavarrom]

I am not able to reproduce the problem when for example from Photos.app (gallery), select a photo, tap share and then select MEGA.

Can you share the steps to reproduce the problem?

[dusrdev]

I have been able to reproduce it when I import as opposed to share things although it might be happening with both, I clearly noticed it with import. To be precise on the steps this is what I have done: In the app GoodNotes: I used the import functions, which opens the default file menu and then:

• Pressed the left top button marked "On My iPad"
• again top left button marked "browse"
• under the "locations" section that appears on the left I select "mega" It then opens a mega window that allows me to select a file (from this moment in the background "Face ID" is being turned off by the app itself and will not be used in any subsequent launch of the app until manually switched back on).

If you are still not able to reproduce it, comment again and I'll try to capture it on video.

[jnavarrom]

It is not 100% reproducible but I see the code path that could cause this issue:

1. https://github.com/rolandleth/LTHPasscodeViewController/blob/master/LTHPasscodeViewController/LTHPasscodeViewController.m#L391
2. https://github.com/rolandleth/LTHPasscodeViewController/blob/master/LTHPasscodeViewController/LTHPasscodeViewController.m#L395

canEvaluatePolicy can returns false, for example if biometrics is locked out (require enter the passcode when you lock the phone)

Error Domain=com.apple.LocalAuthentication Code=-8 "Biometry is locked out." UserInfo={NSLocalizedDescription=Biometry is locked out.}.

In these cases, it should ask for the passcode, but not change the user's setting.

[dusrdev]

The issue is that it changes the settings, maybe it's a different code but in any case, I will record a video reproducing the issue and will post an unlisted YouTube link here. It'll probably be tomorrow thought.

[dusrdev]

I have managed to reproduce the issue during a screen recording, please have a look:

https://youtu.be/v2ggqOjFiGQ

Keep me updated if you can.