Login to Gmail Fails at 2-Step Verification


#1

My Operating System

macOS High Sierra
Version 10.13.6
MacBook Pro (Retina, 15-inch Mid 2015)
Processor: 2.5 GHz Intel Core i7
Memory 16 GB 1600 MHz DDR3
Startup Disk: Macintosh HD
Graphics: AMD Radeon R9 M370X 2048 MB

Brave Version

Brave: 0.23.39
V8: 6.7.288.46
rev: 3ee14b026f09d7d71c1985b4a9c9a11d78ab8f49
Muon: 7.1.6
OS Release: 17.7.0
Update Channel: Release
OS Architecture: x64
OS Platform: macOS
Node.js: 7.9.0
Brave Sync: v1.4.2
libchromiumcontent: 67.0.3396.103

Description of Problem

Navigate to https://mail.google.com
Click “Sign In” in the menu bar.
Sign In dialog screen appears prompting for email or phone
Enter email address and click next
Dialog screen prompts for password
Enter password and click next
2 step verification screen appears and then immediately (less than 1 second after clicking “next” a modal dialog appears with "Try Again? Your sign-in attempt timed out. Resend the notification to try again. [and options to Resend or Try another way.]
I do receive a sign in prompt on my (Android) phone, and click it to allow the sign in, but nothing further happens in the browser.
I have tried “resend” which does resend another prompt to my phone, but still nothing further happens after verifying the prompt on my phone. I have tried just navigating back to mail.google.com (thinking that maybe the login attempt succeeded but the browser got stuck) but it just get the Google mail login screen again.

I made a video of the experience but am unable to upload it here (new users can’t upload) so uploaded to YouTube https://youtu.be/Kvx9UNtfku8

Thanks!


#2

@JeffOnWire, hello! Thanks for reaching out! Also I’d like to say that is an excellent bug report!
As for your issue, this has been reported and is being addressed by the team.
However, if you’d like to try a work around while the bug gets hammered out, you can disable Strict Site Isolation in settings. To do this, go to Settings --> Security --> (scroll down) Strict Site Isolation (toggle this to off). This should alleviate the issue, as SSI in its current state can cause undesirable behavior from certain websites/features.

Hope this helps! Thank you for supporting Brave :slight_smile:


#3

Hey @Mattches

Thanks for the quick reply, and apologies for my delayed response.

When I checked Strict Site Isolation, it was turned off (slider to the left and control background gray). I tried turning it on (slider to the right and control background orange) but it made no difference.

The problem report includes a screen shot of an error message that reads, “Something went wrong. Remove your security key and try again.”

I never see that error message. I just get a popup stating that the sign-in attempt has timed out. The popup happens immediately after submitting the sign-in form. Not saying the two aren’t related somehow, but this seems to be something different.

If there’s anything else I can try or test, or if you’d like video of me trying to turn the SSI on/off please let me know. Happy to provide as much assistance as I can.


#4

@Mattches @JeffOnWire I think this one? https://github.com/brave/browser-laptop/issues/7866 :slightly_smiling_face:


#5

@JeffOnWire, good to hear from you!

So I believe @eljuno is correct - Doesthis issue more accurately match what you’re experiencing? Also, I’ve attached a gif below of me (on the current live release) using Brave to sign into gmail via 2FA and what my shields panel looks like when doing so. Would it be possible for you to submit a similar video? (Note: A large area of the screen is pixelated, just to hide my personal information. When I click “more options”, its just to change the authentication type to send a text)


#6

Yes, the issue you suggested sounds very similar. I get a slightly different UX with the popup, but essentially it sounds the same.

I posted the video on YouTube because I’m still blocked from uploading videos here (new user restriction): https://www.youtube.com/watch?v=Kvx9UNtfku8&feature=youtu.be

If there’s something else I can record or try (turning on/off SSI doesn’t seem to matter but would be glad to record it) just let me know.

Jeff


#7

Hello again Jeff, sorry for the delayed response.
I’m going to suggest one last Shields config. change to try before I go ahead and add your report to the previously logged 2FA issue

Try logging into gmail with the following settings in your Shields panel:
Ad Control: Block Ads
Cookie Control: Allow All Cookies <—this is the important one
Fingerprinting Protection: Block 3rd Party FP

If the same behavior presents, click “Try another way”/ “More options”, then reselect the option to verify via text code. If you’re still unable to log in I’ll go ahead and +1 the issue on your behalf so the team can review it.

Let me know what happens!


#8

If you do not see the link and you use an account through your work, school, or other group, you might have to access the 2-Step Verification setup through a special URL. It is also possible that your organization hasn’t set it up yet. Check with your domain administrator to find out.


https://downloader.vip/minecraft-pocket-edition/ https://downloader.vip/counter-strike/ https://downloader.vip/google-play-services/


#9

NOTE: This is now a month after the initial report… troubling to see a bug of this importance still on a published release.

@Mattches , I seem to have a similar issue. I just installed Brave for the first time ever to try out, and the first time I tried to log into my gmail account it failed with the exact same error.

I’m also using Android linked authentication (not SMS), and am running on Mac as well.

I’ve also enabled 1Password and am using that.

(And “Strict Site Isolation” was already off)

I can probably work around this, but not being able to use my usual security methods is a little unsettling… especially since I wanted to move to Brave for the enhanced protection.


#10

@lailoken, have you tried both of the methods I detailed in previous replies?


#11

Thanks @Mattches, I missed the second suggestion. That indeed worked for me.


#12