All my binary codes were wiped by the Ravio OTP update and it seems very impossible to recover them unless they were backed up beforehand.
Ravio OTP was one of the most recommended two-factor authentication apps for iOS a few years ago, and since then Obtained in Summer 2023 A software development company called Mobime, which has already raised concerns about data protection and data security in online communities.
Using two-factor authentication is very important, but it is quite inconvenient, so many people are not satisfied with simple apps like Google Authenticator, or do not want to use it because they do not trust Google.
Authy, which was popular at a time when the authentication method was widespread, offered convenience: the codes could be saved in the cloud and, most importantly, we could synchronize them automatically between our devices, something that was not possible with a simpler app. However, doubts have also been raised about this company since it was the victim of a cyberattack.
Ravio OTP was an open source, well-known and trusted application before the acquisition, and at the time, Tijme Gommers, a cybersecurity specialist, was also behind it.
The bug came with version 1.6 of the app, which deleted the icons stored in the app, and during the previous update, backups to the cloud (iCloud) and to a ZIP file were also pushed.
Since iOS doesn't allow you to delve into the file system or memory, those who haven't backed up before have little chance of recovering the codes.
Updating the app is always risky, but necessary, because it is not safe to use such an app without fixing vulnerabilities and bugs.
The Ravio In a recent post on X They write “…they solved the import/export problem…”, which is a very calm formulation of what happened.
GitHub users were not so quiet, after the issue broke out, they opened bug tickets one after another, demanding information and a solution, and rightfully so.
The developers' response to this was to turn off the bug ticket functionality, so a new one cannot be opened, but even previous ones cannot be viewed.
After losing your tokens and getting a bunch of accounts locked out, you desperately sign up for Ravio hoping it will recover your data, only to find out it won't, and look for another solution, well, lost account recovery solutions. Sounds great.
Among the applications also available on iOS is Ente Authot. Suggested by internet peopleWhich has similar pros to the old Ravio. It's open source, runs in the cloud, has nice, offline, and end-to-end encryption, and Aegis Authenticator is still a good option on Android.
This case highlights the importance of backups in particular. key As for data. Mistakes can happen even at the biggest companies, and we saw that over a week ago during the Apple recalls.
Featured Image Photographed by Stefan Voegele, Source A Pixabay.
advertisement
