h4110w33n
commented
2 years ago Tagged a new image in Docker hub. Related PR referenced above. Let me know if that works for you.
docker pull thisisvantaworks/alpine-bitlbee:uafix
Open miztizm opened 2 years ago
h4110w33n
commented
2 years ago Tagged a new image in Docker hub. Related PR referenced above. Let me know if that works for you.
docker pull thisisvantaworks/alpine-bitlbee:uafix
miztizm
commented
2 years ago Still no luck, i get a notification in my browser that i use suspicious connection. After a accept it. It still logging off and on
i tested most of them from here: including windows, andorid, ios and it the same problem, that makes me think that its not related to user agent.
h4110w33n
commented
2 years ago Reading into this a bit further... this plugin never had first-class MFA support, which is the core issue here and in the linked issue. The only auth mechanism it has is password based, and nothing for negotiating MFA. (Somebody can correct me if I'm wrong, but I'm not finding any proper support in a tagged release).
For accounts that had MFA, it relied on app passwords because of this limitation. The right solution here is adding MFA functionality to the plugin, but given they are looking for a maintainer, I'm not confident that will be soon.
There is a workaround, but I'm not a fan. Disable MFA. Logging in with the 1) deprecated app password feature or 2) a password on an MFA disabled account are the same as far as the plugin is concerned.
@warshell I don't know if this workaround fits your threat/security model, but it does work reliably on my test FB account.
miztizm
commented
2 years ago Hello Sir, I dont have a MFA protection on my facebook account. What else it could be ?
ps: how can i reach you to talk directly Robert, thanks
Hello please can you fix this https://github.com/bitlbee/bitlbee-facebook/issues/195 https://github.com/dequis/purple-facebook/search?q=FB_ORCA_AGENT