github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-05-08 12:58:36 -05:00
Code Issues 1.1k Packages Projects Releases 122 Wiki Activity

Import from 2FAS fails when the .2fas export contains groups #2242

New Issue
Closed
opened 2025-11-26 23:12:51 -06:00 by GiteaMirror · 4 comments
GiteaMirror commented 2025-11-26 23:12:51 -06:00
Owner
Copy Link

Originally created by @ajasnz on GitHub (Jun 3, 2025).

Steps To Reproduce

  1. Go to 2FAS
  2. Make sure you have created at least 1 group with TOTP tokens inside
  3. Export the 2FAS backup without a password
  4. Go to Bitwarden Authenticator
  5. Navigate to Import and select 2FAS (no password)
  6. Import fails with "Unsupported Algorithm: null)

Expected Result

All tokens from 2FAS are correctly imported and groups in the export files are ignored

Actual Result

The import fails with "Invalid algorithm: null"

Screenshots or Videos

No response

Additional Context

Manually opening the 2FAS export in a text editor and removing the groups from the file (place at the end of the export) allows the file to be imported into Bitwarden Authenticator. It appears there is no filtering logic to exclude the group records from 2FAS during the import. Ideally Bitwarden should discard the groups configuration, or at minimum provide a more descriptive error message instructing the user to delete all groups and try again. Alternatively there could be an option to "attempt to import anyway" in which any valid tokens are imported and an error list of failed tokens is provided at the end.

Build Version

2025.5.0

What server are you connecting to?

US

Self-host Server Version

No response

Environment Details

  • Device: Samsung Galaxy S23+
  • OS: Android 15, OneUI 7.0

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
Originally created by @ajasnz on GitHub (Jun 3, 2025). ### Steps To Reproduce 1. Go to 2FAS 2. Make sure you have created at least 1 group with TOTP tokens inside 3. Export the 2FAS backup without a password 4. Go to Bitwarden Authenticator 5. Navigate to Import and select 2FAS (no password) 6. Import fails with "Unsupported Algorithm: null) ### Expected Result All tokens from 2FAS are correctly imported and groups in the export files are ignored ### Actual Result The import fails with "Invalid algorithm: null" ### Screenshots or Videos _No response_ ### Additional Context Manually opening the 2FAS export in a text editor and removing the groups from the file (place at the end of the export) allows the file to be imported into Bitwarden Authenticator. It appears there is no filtering logic to exclude the group records from 2FAS during the import. Ideally Bitwarden should discard the groups configuration, or at minimum provide a more descriptive error message instructing the user to delete all groups and try again. Alternatively there could be an option to "attempt to import anyway" in which any valid tokens are imported and an error list of failed tokens is provided at the end. ### Build Version 2025.5.0 ### What server are you connecting to? US ### Self-host Server Version _No response_ ### Environment Details - Device: Samsung Galaxy S23+ - OS: Android 15, OneUI 7.0 ### Issue Tracking Info - [x] I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
GiteaMirror added the app:authenticatorbug labels 2025-11-26 23:12:51 -06:00
GiteaMirror commented 2025-11-26 23:12:52 -06:00
Author
Owner
Copy Link

@bitwarden-bot commented on GitHub (Jun 3, 2025):

Thank you for your report! We've added this to our internal board for review.
ID: PM-22320

@bitwarden-bot commented on GitHub (Jun 3, 2025): Thank you for your report! We've added this to our internal board for review. ID: PM-22320
GiteaMirror commented 2025-11-26 23:12:52 -06:00
Author
Owner
Copy Link

@walldmtd commented on GitHub (Aug 3, 2025):

It looks like this isn't caused by the groups, but by some services in 2fas not having the "algorithm" property set. Adding "algorithm": "SHA1" in the "otp" object for the entries that were missing it solved the issue for me. Maybe some of the entries in the groups that you removed were missing "algorithm", and that's why it fixed it?

@walldmtd commented on GitHub (Aug 3, 2025): It looks like this isn't caused by the groups, but by some services in 2fas not having the "algorithm" property set. Adding "algorithm": "SHA1" in the "otp" object for the entries that were missing it solved the issue for me. Maybe some of the entries in the groups that you removed were missing "algorithm", and that's why it fixed it?
GiteaMirror commented 2025-11-26 23:12:52 -06:00
Author
Owner
Copy Link

@mwsl commented on GitHub (Aug 18, 2025):

I have an empty "groups" entry and 21 tokens. However, only 6 tokens have "algorithm" entries. My workaround was to:

  1. Open the 2FAS file in Notepad.exe
  2. Delete every occurrence of the string "algorithm":"SHA1",
  3. Replace every occurrence of the string "tokenType":"TOTP", with the string "algorithm":"SHA1","tokenType":"TOTP",
  4. Save the file
  5. Import the file into Bitwarden Authenticator

I didn't delete the "groups" entry and all 21 tokens imported successfully.

@mwsl commented on GitHub (Aug 18, 2025): I have an empty **"groups"** entry and 21 tokens. However, only 6 tokens have **"algorithm"** entries. My workaround was to: 1. Open the 2FAS file in Notepad.exe 2. Delete every occurrence of the string **"algorithm":"SHA1",** 3. Replace every occurrence of the string **"tokenType":"TOTP",** with the string **"algorithm":"SHA1","tokenType":"TOTP",** 4. Save the file 5. Import the file into Bitwarden Authenticator I didn't delete the **"groups"** entry and all 21 tokens imported successfully.
GiteaMirror commented 2025-11-26 23:12:52 -06:00
Author
Owner
Copy Link

@mpbw2 commented on GitHub (Sep 22, 2025):

Fixed in 5875

@mpbw2 commented on GitHub (Sep 22, 2025): Fixed in [5875](https://github.com/bitwarden/android/pull/5875)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label app:authenticator bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#2242
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?