Privacybadger: Broken: Login with MFA at id.atlassian.com

Created on 19 Feb 2019  路  2Comments  路  Source: EFForg/privacybadger

TIA, love your work 馃憤

What is your browser and browser version?

Chrome (MacOS 10.14.3)
Version 72.0.3626.109 (Official Build) (64-bit)

What is broken and where?

Logging in when Multi Factor Auth is required is broken at https://auth.atlassian.com/

Note that you have to enter a valid username and password (two separate pages) before being redirected to a third page which requests the 6 digit code.

A 'toaster' notification saying:

Oops, that didn't work!
Try again in a moment

...appears before any input is entered, and reappears on auto submit (when the correct number of characters are entered). This is true of the 6 digit MFA code, and also the Recovery code.

What is the "culprit" domain?

atlassian-account-prod.guardian.pus2.auth0.com

What is your debug output for this domain?

**** ACTION_MAP for auth0.com
auth0.com {
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 0,
  "userAction": ""
}
cdn.auth0.com {
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 1530157362773,
  "userAction": "user_cookieblock"
}
meteor.auth0.com {
  "dnt": false,
  "heuristicAction": "",
  "nextUpdateTime": 1530231332540,
  "userAction": ""
}
ocelot.au.auth0.com {
  "dnt": false,
  "heuristicAction": "allow",
  "nextUpdateTime": 1520303062033,
  "userAction": ""
}
purch.auth0.com {
  "dnt": false,
  "heuristicAction": "",
  "nextUpdateTime": 1548731298578,
  "userAction": ""
}
serverlessinc.auth0.com {
  "dnt": false,
  "heuristicAction": "",
  "nextUpdateTime": 1536268067347,
  "userAction": ""
}
tapclicks.auth0.com {
  "dnt": false,
  "heuristicAction": "",
  "nextUpdateTime": 1536334105262,
  "userAction": ""
}
unruly.auth0.com {
  "dnt": false,
  "heuristicAction": "allow",
  "nextUpdateTime": 1508452765694,
  "userAction": ""
}
atlassian-account-prod.guardian.pus2.auth0.com {
  "userAction": "",
  "dnt": false,
  "heuristicAction": "",
  "nextUpdateTime": 1550637311614
}
**** SNITCH_MAP for auth0.com
auth0.com [
  "unrulymedia.com",
  "ocelot.studio",
  "graphql.com"
]
broken site
Source
picture ptim

Most helpful comment

Workaround: setting atlassian-account-prod.guardian.pus2.auth0.com to the Yellow/middle setting resolves the issue 馃憤

picture ptim on 19 Feb 2019
👍2

All 2 comments

Thank you for the report! Previously: #1175.

ghostwords picture ghostwords on 19 Feb 2019
👍2

Workaround: setting atlassian-account-prod.guardian.pus2.auth0.com to the Yellow/middle setting resolves the issue 馃憤

ptim picture ptim on 19 Feb 2019
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

iammyr picture iammyr  路  4Comments
urfausto picture urfausto  路  4Comments
apehex picture apehex  路  4Comments
DJCrashdummy picture DJCrashdummy  路  5Comments
ghost picture ghost  路  5Comments