Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google treats every authentication attempt as a "new device" #241

Open
laurisvan opened this issue Feb 1, 2022 · 5 comments
Open

Google treats every authentication attempt as a "new device" #241

laurisvan opened this issue Feb 1, 2022 · 5 comments

Comments

@laurisvan
Copy link

First of all, thanks for a great tool - this really helps us to solve one everyday problem we have!

However, now that we are taking the tool into use, it appears that every sign-in attempt results in an e-mail from Google warning about a new device sign-in attempt. We also get a CAPTCHA prompt for every login.

We noticed a new sign-in to your Google Account on a AWS Sign-in device. If this was you, you don’t need to do anything. If not, we’ll help you secure your account.

Is there any possibility to remember the device information, so that Google would not send the authentication warnings. We would like to retain the warning if possible to bring visibility on new devices signing in.
@laurisvan
Copy link
Author

Closing this one - stupid user error (that's me!) - it appears that actually verifying the sign-in attempt from within Google Accounts -> Security page removes this nagging.

@JPLemelin
Copy link

I'm actually facing the same problem, every sign-in attempt I got a e-mail from Google about new device sign-in, and I also got a CAPTCHA prompt.
In the Security Page of Google Account, I did not see anything that I can change to remove this annoying problem.

@laurisvan, can you elaborate what change you made in the Security Page of Google Account ?

@laurisvan
Copy link
Author

@JPLemelin The problem actually reappeared for me as well when turning on MFA. I cannot see that verification form again. Previously Google recognised google-aws-auth authentication attempts as new devices that would need to be verified. It appears that is not the case anymore, but I still do get the CAPTCHA prompt.

I'll reopen this ticket - perhaps some of the authors can clarify why CAPTCHA appears and how it could be disabled. For reference, I am using version 0.0.37 installed via python pip. (as previously the problem seemed to be due to outdated version of urllib3. My current urllib version seems to be 1.26.8, which is more recent than the versions that were earlier reported to have issues.

@laurisvan laurisvan reopened this Mar 23, 2022
@JPLemelin
Copy link

I'm also using vers 0.0.37 installed with brew, it using urllib3 1.26.8

image

@redterror
Copy link

I noticed this same behavior when I updated to the most recent version of aws-google-auth. However when using the docker image with sha acf88b49d250, I only sporadically get the CAPTCHA. What's extra fun is that the CAPTCHA appears to be quasi-optional, e.g. when prompted I hit ctrl-c, rerun aws-google-auth, and usually I don't get that challenge again. Considering that I have literally 3 MFA options enabled I don't feel bad about this in the slightest. 😂

Something definitely changed between that older version and the newest.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@redterror @laurisvan @JPLemelin