Android: Can't use the app anymore after update to 3.3: "Wrong login details"

GitMate.io thinks possibly related issues are https://github.com/nextcloud/android/issues/2101 (Cannot login anymore due to gson update), https://github.com/nextcloud/android/issues/2939 (Login failed on the app ), https://github.com/nextcloud/android/issues/2639 ([3.2.0.RC1] Crashes on start after app update), https://github.com/nextcloud/android/issues/2978 (Asks for login info after closing app or not using it for a while.), and https://github.com/nextcloud/android/issues/2552 (App closes upon login).

The same happen to me.
Xiaomi Mi A1. Android 8.1 August update
Client app 3.3.0 server 13.0.5.

I tested on Asus Zenfone 3 Zoom (Android 8.0 with September update) and it's working ok.

Anyone from Nextcloud here? This issue makes the app unuseable...

I didn't work on that particular feature so I can only guess. Could you try to go through Android's settings for the app and clear all data and give it a try? My guess is that the lock mechanism survives your re-installation and that it seems the device credentials unlocking mechanism used in-app is buggy for Xiaomi devices (both of you seem to not be the only ones with this OEM where the mechanism seems to fail...)

This might be related to #2879
Because of that bug, the app never asks for my fingerprint but the PIN instead. If however I place my finger on the sensor (even though it is asking for a pin) the phone vibrates and claims "Wrong login details". It then asks for the PIN again.

I then have to enter the PIN twice to use the app.

@jlelse Leave your finger off of the sensor and try to unlock it with the pin code only

@AndyScherzinger That doesn't work, because the button to delete app data got replaced with "Manage storage" ("Speicherplatz verwalten" in German) and even that requires unlock with PIN or fingerprint.

@joekerna That doesn't work either. Same error as with fingerprint, although it's the correct pin.

@joekerna definitely kind of related to #2879. I talked to @tobiasKaminsky and suggested that we re-add the original fingerprint only implementation as an alternative to the device credentials for OEms where the device credentials machanism of Android doesn't work which is from my point of view a huge OEM bug :/

@AndyScherzinger Are you sure? Should be collect a list of phones/oems where it does/doesn't work.
Because the device credentials feature is working on my phone on other apps.

@joekerna well, not sure anymore after your latest comment... Then it seems we need to further investigate the code to see if there might be any flag that need to be set or other specifics if it works for you for other apps. It'll be hard to track this one down since it works on our phones and also on the emulator.

Does nobody have a Huawei phone at Nextcloud? :)

Not that I know of (I am just a contributor, so I can't say for sure). I only know of OP2, OP3T and Samsung A3

you have to enter the pin about 5-10 times and it will eventually let you in but the FP sensor is completely broken in this version even when it was working in the older version. After entering the pin about a dozen times you will get to your files but you will have a popup that says "E2E mnemonic" and nothing else but OK button. 

I have a question .. are you guys having this issue... rooted with your phones and are you using SU or Magisk?

You would think this would be a huge issue if it was happening to "mainstream" phones with people that haven't rooted and have stock setups... Since it only seems to be some of us I'm thinking that it has something to do with root.

The 3.3.0 Nextcloud app on my phone gives me that Pin/Fingerprint screen every time I launch it even with the settings set to "none" for the lock. So I guess its showing up on everyone's phone even if they have it disabled and it must be working for most people.

My phone is neither rooted or with Magisk and I have the problem.

ok that rules that out .. it happened on two of my ROMs on the phone the stock ZTE one and another one called AICP and since they were both rooted I figured maybe that had something to do with it .. thanks for the input at least I know its not because of my modifications

@joekerna Same issue for Huawei Mate 9, using fingerprint to unlock will give 'Incorrect Credential'. No problem when manually entering password. Stock EMUI, not rooted

Nextcloud version: v3.3.0 (Fdroid)
Android version: 8.0.0

Same issue for Highscreen power 5 max, using fingerprint to unlock will give 'Incorrect Credential'. If entering PIN two times after that error it unlocks app. It started from 3.3.0 version of the app.
Nextcloud version: 3.3.0 (Fdroid)
Android version: 6.0 + magisk(root)

Similar issue on my Motorola Moto G 5S. Only difference, on the lower part of the unlock screen there is a little fingerprint symbol to be seen. Noticing this i place my finger on the sensor and was able to unlock the app without entering the pin. Interestingly, I'm not always asked for unlocking the app. Sometimes it just starts. That's not particularly secure, isn't it. The old way unlocking with the fingerprint was much better.

BTW, I use both options to unlock the phone, pin and fingerprint. To start the phone I've to enter the pin, later on I only use the fingerprint to unlock.

is there a solution yet?
did someone try to use an older version of the app? (did not dare to try yet)

is there a solution yet?
did someone try to use an older version of the app? (did not dare to try yet)

Ever since the introduction of device credentials it hasn't worked.

Here same bug. When i reinstalled the app from the playstore, it also does not recognise that the server is running NC14. (trashbin is not available in the menu) So, maybe that is related to this issue?

Is there a way to completely clear the cache according to the nextcloud app?

I have also NC14 and the newest app doesn't let me login. When i type in my server url he says "wrong username or password". But there is no input for these two types.

I strongly assume this to match my problem and I found where the problem actually laid and could fix it. Otherwise this is a different bug....

Set-up and Problem

• Running Nextcloud 14
• Access via browser (even from mobile and using mobile data) is fine
• Updated mobile app ( v.3.4.2., android 8.0.0 on a Samsung Galaxy A5)
• offered to login via fingerprint/screen unlock
• failed and gave odd behaviour, claiming failed logins
• assumed a simple resetup after update would fix
• deleted account
• tried to set up again
• entered server address
• "testing connection"
• "wrong username or password" without even showing any entry fields for ID or PW
• access via browser still file, only app continues to fail

Fix:

I previously used a self-signed SSL-certificate, that needs manual confirmation in the app and which ran fine before the update (did not use the app for a longer time, though). I replaced it with a verified SSL (in my case the free offer by Let's Enrcypt https://letsencrypt.org/getting-started/ ) and the issue was gone.

Maybe the self signed cert was outdated inbetween and this is shown wrongly as "wrong username or password".

No, I still have the certificate. Definitely not outdated and still in use for other subdomains on that server.

However, the certificate was not bound to the nextcloud (sub)domain, but just one of the standard snakeoil certificates. I don't know how deep the certificate check in the app goes. As said before: browser-based access was still successful and only the app denied login.

My solution was to use the correct URL 😆

This request did not receive an update in the last 4 weeks. Please take a look again and update the issue with new details, otherwise the issue will be automatically closed in 2 weeks. Thank you!