Created attachment 126925 [details]
In the new version this bug is not corrected (Bug 100113).
Now he asks for a PIN but never gets a message that does not accept PIN and the PIN generated by Autenticator App.
Created attachment 126926 [details]
Error... The same error as before
@guiseppe: maybe you can have a look?
Build ID: 066b007f5ebcc236395c7d282ba488bca6720265
CPU Threads: 4; OS Version: Windows 6.2; UI Render: default;
Locale: it-IT (it_IT)
I found it working on standard (e.g. not 2FA) account.
Unfortunately not working on a 2FA enabled account.
Strangely Google sent me always the same PIN code.
Until a few days ago 2FA worked, with the same LO version.
I think Google changed again the login page.
Unfortunately I don't have time to look into the matter ATM, it will be necessary to fix something in libcmis I think.
Confirmed based on Giuseppe's reply.
Created attachment 127123 [details]
LibreOffice 18.104.22.168 Google drive 2FA failing english
Have experienced the same "Error saving the document <filename>: The specified device is invalid" error as before. The only advancement with 22.214.171.124 is that we are now being requested the PIN. But once we enter that, the result remains the same as in the screenshot attached.
Same problem on Libreoffice 126.96.36.199 x64 on Windows 10.
After entering the PIN, I get the error "The specified device is invalid".
So I can't even browse my contents on Google Drive.
I am not sure if my experience is appropriate to this bug, or if it something else.
But it is definitely a case of 2-factor not working!
I have installed the 64 bit version 188.8.131.52
When attempting to connect to google drive I get a dialogue asking me for a PIN from my account There is a small dialgoue with a G- in front of the data entry box.
What pops up on my phone is a wholly different dialogue, asking me to tap on one of 3 numbers that are displayed on the login attempt. They aren't.
So LibreOffice is asking for a number that is not displayed on the phone, and the phone is asking for a number that is not displayed by LibreOffice. SOme mistake there, I feel.
Screen grabs wil follow
Created attachment 127700 [details]
First screen grab for comment 7
This is Libre Office trying to log into my Google Drive account, and waiting for authentication
Created attachment 127701 [details]
Second screen grab for comment 7
This is what the phone offers as the 2nd factor
(In reply to Alberto Gaburro from comment #6)
> Same problem on Libreoffice 184.108.40.206 x64 on Windows 10.
> After entering the PIN, I get the error "The specified device is invalid".
> So I can't even browse my contents on Google Drive.
Upgraded Libreoffice from 220.127.116.11 to 18.104.22.168 x64 on Windows 10.
Nothing changes :(
(In reply to Alberto Gaburro from comment #10)
> (In reply to Alberto Gaburro from comment #6)
> > Same problem on Libreoffice 22.214.171.124 x64 on Windows 10.
> > After entering the PIN, I get the error "The specified device is invalid".
> > So I can't even browse my contents on Google Drive.
> Upgraded Libreoffice from 126.96.36.199 to 188.8.131.52 x64 on Windows 10.
> Nothing changes :(
Upgraded Libreoffice from 184.108.40.206 to 220.127.116.11 x64 on Windows 10.
Nothing changes :(
I can confirm that Google Drive 2FA is broke again.
LibreOffice 18.104.22.168 (Fresh PPA), Linux Mint 18.1.
(In reply to Alberto Gaburro from comment #11)
> (In reply to Alberto Gaburro from comment #10)
> > (In reply to Alberto Gaburro from comment #6)
> > > Same problem on Libreoffice 22.214.171.124 x64 on Windows 10.
> > >
> > > After entering the PIN, I get the error "The specified device is invalid".
> > > So I can't even browse my contents on Google Drive.
> > Upgraded Libreoffice from 126.96.36.199 to 188.8.131.52 x64 on Windows 10.
> > Nothing changes :(
> Upgraded Libreoffice from 184.108.40.206 to 220.127.116.11 x64 on Windows 10.
> Nothing changes :(
Upgraded Libreoffice from 18.104.22.168 to 22.214.171.124 x64 on Windows 10.
Nothing changes :(
Upgraded Libreoffice to 126.96.36.199 x64 on Windows 10.
Nothing changes :(
Version field is supposed to be the oldest version the bug was observed with, please don't change to a newer one.
Just confirmed on XUbuntu 16.04.2 using the following LibreOffice build:
Build ID: 1:5.3.0~rc3-0ubuntu1~xenial1.1
CPU Threads: 4; OS Version: Linux 4.4; UI Render: default; VCL: gtk2; Layout Engine: new;
Locale: en-US (en_US.UTF-8); Calc: group
Further, I noticed that when I enter a wrong password with two-factor enabled, the dialogue for two factor appears. Then I enter the six digit code and whatever I enter in that box I get "The specified device is invalid".
I also get this error if I type an unused email address or the wrong password.
Same behavior here (using LO from TDF, version 188.8.131.52). In fact, my phone never receives the expected SMS from Google, so I can't even type the 6-digit G-code.
I confirm the bug in version 184.108.40.206 on Windows 10 x64.
2-FA enabled Google Account doesn't work.
Just the same, LO from TDF, 220.127.116.11, Linux
Thanks for the update, but Max, please keep version at earliest (known) affected.
Confirmed "The specified device is invalid." with good credentials and good OATH-TOTP code.
Let me know if I can add any information. It's not clear to me how or whether it's possible to enable any form of logging for LibreOffice on Windows.
Version: 18.104.22.168 (x64)
Build ID: 6cd4f1ef626f15116896b1d8e1398b56da0d0ee1
CPU Threads: 8; OS Version: Windows 6.1; UI Render: GL; Layout Engine: new;
Locale: en-US (en_US); Calc: group
Oracle JRE 1.8.0_131 x86 and x64 installed system-wide, functioning, and enabled in LO options.
Java critical files -
#System Deployment Properties
Today i tried to connect to Google Drive with LO 5.3.3(32Bit) on Win10Pro 64Bit with 2FA, and i worked, but only, if i receive the PIN via SMS on my IPhone.
During the initial installation i received 2 PINs.
PIN via Autenticator App does not work for me too.
Yo no recibo nunca el mensaje con Movistar en Argentina. Si es para ingreso al Mail, sí, pero no para esto.
I never receive the message with Movistar in Argentina. If it is to login to the Mail, yes, but not for this.
For me also, authentication via Google Authenticator app on iOS didn't work.
As LO - strangely - doesn't offer a choice of alternative options to choice Google authentication code delivery method delivery, then you have to setup your phone as Default Google Authentication option - then, again problem, as Google, doesn't allow freely to choose delivery option, and set default delivery option itself, the only way to get phone as a default Google authenticator code delivery option is to remove all other options, namely, in my case, Google Prompt option, and Google Authenticator app option.
Then - again strangely - LO ask for GDrive credentials, incl. authenticator code again - I am just wondering, what the sense of going such loop..?
Then, when finally Gdrive directory get populated there are only just like 50-100 files and one directory, out of 1000s... - rendering it unusable.
LO Version: 22.214.171.124
Build ID: 7556cbc6811c9d992f4064ab9287069087d7f62c
CPU threads: 2; OS: Windows 6.2; UI render: default;
Locale: en-IE (en_US); Calc: group
I tried to connect to Google Drive just after having installed LO 5.4. No change appeared : my phone received non SMS from Google.
Using LO 126.96.36.199 on Ubuntu 17.10, with 2FA *disabled*, I am asked for the PIN anyway. Unable to sign in.
Experiencing the same issue in Windows 188.8.131.52.
The bug is still there on LO 6.0.4 (Linux). I tried opening Google drive giving my account either as (my Gmail address) or (the first part of my Gmail address), without success : my phone didn't receive any SMS.
With Outlook. com accounts. the same thing happens.
Is another report required or can you see with this one as well?
With Outlook. com basins, the generated URL generates the same error.
(In reply to Leandro Martín Drudi from comment #29)
> With Outlook. com accounts. the same thing happens.
> Is another report required or can you see with this one as well?
> With Outlook. com basins, the generated URL generates the same error.
Sorry, Basins*: Accounts
(I translate with google)
This is still a problem in 184.108.40.206. I have 2FA enabled and get the phone notification to approve the login every time I try to login. I approve the login, which does nothing with LO. I try to enter the PIN from Authenticator and receive the message about the device being invalid.
Let's keep version field as the earliest known affected version.
This bug also affects 2FA Google accounts that are using the App Password feature (https://support.google.com/accounts/answer/185833?hl=en) This is a feature that allows you to use a 16 character password that is unique to the app and it usually bypasses the need for any other 2FA method. Whether you use the standard Google password or the App password, LibreOffice is still prompting for a G-Pin to complete the sign in.
Created attachment 142096 [details]
screen of the issue in ubuntu
I'm using the version 220.127.116.11 with Ubuntu (Build ID: 1:6.0.3-0ubuntu1).
I was able to setup my google account in order to receive the 6-digits PIN in my smartphone.
But even after type it I'm getting the "The specified device is invalid." when trying to setup the connection.
Btw, I'm able to connect to Drive using Nautilus.
*** Bug 119511 has been marked as a duplicate of this bug. ***
Hello, I just updated my LO install to the 6.1.1 version (Linux + KDE). And, suddenly, the connection with my Google drive works (with 2FA), that's really marvelous !
Thank you for your work.
I try in Windows and don't work.
Versión: 18.104.22.168 (x64)
Id. de compilación: 5d19a1bfa650b796764388cd8b33a5af1f5baa1b
Subprocs. CPU: 4; SO: Windows 10.0; Repres. IU: predet.;
Configuración regional: es-AR (es_AR); Calc: CL
(In reply to Robert Cabane from comment #36)
> Hello, I just updated my LO install to the 6.1.1 version (Linux + KDE). And,
> suddenly, the connection with my Google drive works (with 2FA), that's
> really marvelous !
> Thank you for your work.
Most likely fixed by https://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-6-1-1&id=2751f625990bc4d619eb2b0b895f9d510f768a02
(In reply to Leandro Martín Drudi from comment #37)
> I try in Windows and don't work.
> Versión: 22.214.171.124 (x64)
> Id. de compilación: 5d19a1bfa650b796764388cd8b33a5af1f5baa1b
> Subprocs. CPU: 4; SO: Windows 10.0; Repres. IU: predet.;
> Configuración regional: es-AR (es_AR); Calc: CL
Do you get any erro message?
(In reply to Xisco Faulí from comment #39)
> (In reply to Leandro Martín Drudi from comment #37)
> > I try in Windows and don't work.
> > Versión: 126.96.36.199 (x64)
> > Id. de compilación: 5d19a1bfa650b796764388cd8b33a5af1f5baa1b
> > Subprocs. CPU: 4; SO: Windows 10.0; Repres. IU: predet.;
> > Configuración regional: es-AR (es_AR); Calc: CL
> Do you get any erro message?
El mismo de siempre: «El dispositivo especificado no es válido.»
Cuando he confirmado el LogIn en la ventana de LibreOffice, una ventana aparece en mi spartphone pidiendo autorización para el LogIn (con el fin de no usar el código).
Presione "OK" o presione "No, no soy yo", igualmente, el código no funciona. He probado con el que llega por SMS tanto como el que se genera con la App "Autenticator" y ninguna funciona. El resultado es siempre el mismo.
The same like always: "The specified device is invalid."
When I have confirmed the LogIn in the LibreOffice window, a window appears on my spartphone asking for authorization for the LogIn (in order not to use the code).
Press "OK" or press "No, it's not me", likewise, the code does not work. I have tried with the one that arrives by SMS as much as the one generated with the "Authenticator" App and none of them work. The result is always the same.
Created attachment 145146 [details]
PopUp in my Android Smartphone. Android 8.0
it's not working with
Version: 188.8.131.52 (x64)
CPU-Threads: 4; BS: Windows 10.0; UI-Render: Standard;
Gebietsschema: de-DE (de_DE); Calc:
and Authenticator App.
Entering 6 digit code ends with error message:
"The specified device is invalid."
browser login with Authenticator App works on my notebook.
Still getting this in Linux 184.108.40.206 on Ubuntu 18.10.
Trying to use remote storage with 2FA application on phone.
Program prompts for pin, no popup on phone, pin from app results on "Invaid Device" message.
Thanks for checking, Karl, please note that the version field is for the oldest known affected version.
This is not working for 220.127.116.11 and 18.104.22.168.alpha1 on W10.
- 6 digit code asked with and without 2FA enabled.
- Invalide device error message.
Same problem on LibreOfficeDev 22.214.171.124.beta1
Tried without 2FA, got prompt for 6 digit code.
Turned on 2FA, installed Google Authenticator, but code from Authenticator does not work.
To add onto what was previously written.
PIN is asked for irrespective of 2FA status.
Not using Authenticator, the 2FA SMS is not sent either.
Would happily volunteer my time to debug, but the information on https://wiki.documentfoundation.org/QA/BugReport/Debug_Information is daunting. Would need a bit of guidance.
Build ID: 1:6.1.3~rc2-0ubuntu0.18.04.2
CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3;
Locale: en-US (en_US.UTF-8); Calc: group threaded
@Muhammet, since you fixed the personas issue, I thought you might be interested in this issue as well. I know they are not related at all, I'm just trying to find someone who might fix this one...
*** Bug 123315 has been marked as a duplicate of this bug. ***
*** Bug 124291 has been marked as a duplicate of this bug. ***
*** Bug 124375 has been marked as a duplicate of this bug. ***
*** Bug 124439 has been marked as a duplicate of this bug. ***
*** Bug 100914 has been marked as a duplicate of this bug. ***
*** Bug 126212 has been marked as a duplicate of this bug. ***
This feature doesn't work with my Google account _w/o_
Bug hasn't be resolved for about 3 years and "very soon"
we may celebrate 5 years anniversary. %-(
Google Drive two-factor authentication not working on 126.96.36.199 I'm getting the "The specified device is invalid." when trying to setup the connection.
*** Bug 129835 has been marked as a duplicate of this bug. ***
*** Bug 127662 has been marked as a duplicate of this bug. ***
Questions on AskLibO:
... and more. Xisco: a topic for ESC?
Just tried to add my Google Drive and One Drive accounts and had the exact same error of "Specified device is invalid" with both services.
Also tried to make a connection via Sharepoint 2013 and it did not work as well.
Just an FYI. In the "This week in KDE" of May 15th 2020 Nate Ingraham reported that a similar issue to this one was solved for KMail and Kontacts.
This is their bug report:
In comment 122 from that bug report they state the following:
<<Google has approved KMail access to Gmail via Googla Sign-in today, so it should work again. Should you still see some errors, please let us know.>>
They link to a Reddit topic where a lot of the steps to fix this are detailed!
Here are the relevant comments:
I would like to share some news :) This morning Google has approved our verification request to allow KMail/Kontact to sign into Gmail using the Google Sign In, which supports 2FA out-of-the-box and is more secure, since KMail/Kontact never sees your password.
If you have your IMAP account in KMail already configured in KMail and you would like to start using the OAuth sign-in, go to the account configuration (Settings→Configure KMail→Accounts→Receiving→[your Gmail IMAP account]→Modify) and in the Advanced tab select "Gmail" in the Authentication combo box.
If you want to add a new account, the Gmail authentication method will be chosen automatically by KMail.
Should you still see "Sign in with Google temporarily disabled for this app" or some other error, let me know, please."
Here's more detail to satisfy Google's requirements to link to Gmail:
Additional Requirements for Specific API Scopes:
Hopefully this is enough information for work to be done to fix this bug. It's worth research how this works for Microsoft's One Drive as well since that one is also broken.
Here's the relevant pages from Microsoft to address this for connecting to One Drive via OAuth 2.0:
In Windows Version: 188.8.131.52.beta1 (x64)
Build ID: 94f789cbb33335b4a511c319542c7bdc31ff3b3c
CPU threads: 4; OS: Windows 10.0 Build 18362; UI render: Skia/Raster; VCL: win
Locale: en-US (en_US); UI: en-US
Also in latest Linux version - unknown as I am on Windows at the moment, but it's broken exactly the same way on Linux.
When asking to save remotely, Google prompts for six digit PIN which I do not have.
It is a wonderful feature that used to work.
It no longer works.
Same issue here.
Tested with my google drive account and still asking for the 6 digits PIN.
2FA is not activated.
Version: 184.108.40.206.beta1 (x64)
Build ID: 94f789cbb33335b4a511c319542c7bdc31ff3b3c
CPU threads: 4; OS: Windows 10.0 Build 17763; UI render: Skia/Raster; VCL: win
Locale: fr-CH (fr_FR); UI: en-GB
Florian - this looks like something that TDF would need to chase to fix ? a nice list of things to do from Pedro; is this something you can handle ?
Oh, indeed, looks like lots of fun... :-)
I'll chase this with the team and try to get the paperwork done
google authentication is https://github.com/tdf/libcmis/issues/22 / a bit more involved. (but I think it should also be fixable by using plain oauth2 and the same copy-URL-to-Browser and copy-the-result-back workflow.
Google's docs mention to just listen on a local loopback IP address and get the result that way - that is of course also an option to at least avoid copy-back into the dialog. But that's a "stretch goal" :-)
Google lists the Manual copy/paste with a hint of "may be discontinued in the future"
For onedrive it seems that the API was never migrated from the old/deprecated/now-non-function live apis to Microsoft graph.
The only "not-so-nice" thing is that we ask the user to copy'n'paste back between the browser and the LO dialog, but that's easy enough to do. Furthermore we can get rid of the username/pw entry that LO cannot use anyway
(or rather: It (LO/libcmis) should not attempt to imitate a user using the browser and try to parse the response of whatever login window appears that is augmented with webX.y stuff :-))
Fixing onedrive should be easy enough to do:
* Fix endpoints/scopes to match the Graph scheme
* Fix libcmis to use the new (or rather current) OneDrive REST API (instead of the old skydrive one that doesn't work anymore since end of 2018....)
* Fix remote-server dialog to not ask for username and password - authentication/login is handled in the user's browser
*** Bug 136672 has been marked as a duplicate of this bug. ***
*** Bug 136562 has been marked as a duplicate of this bug. ***
This from Google drive support in response to me asking them how to gain access;
Currently, Google Drive does not have a feature where you can set a pin or password to a certain files. Google Drive only saved the files the way we created it. If you forgot the password on the file you want to access you need to contact the program developer who created the apps or program you used prior saving it to Google Drive.
Since you are trying to unlock Libre Office documents, you need to reach their support for further assistance.
Libre Office Community Support
Libre Office Professional Support
When you contact Libre Office Support, please let them know that you need help with the 6 digit PIN so that it will allow remote access from your Libre Office account.
Where does the 6 digit pin originate?
I imagine even if LO fixes the issue then "newer" LO users who haven't previously availed themselves of the service simply won't have a 6 Digit PIN.
That's certainly my situation. I'm not trying to access existing files, just trying to implement the cloud storage for some CALCs by File> Open Remote> Add Service (from the dropdown menu defaulting to Manage services.
*** Bug 139088 has been marked as a duplicate of this bug. ***
(In reply to Colin from comment #70)
> This from Google drive support in response to me asking them how to gain
> When you contact Libre Office Support, please let them know that you need
> help with the 6 digit PIN so that it will allow remote access from your
> Libre Office account.
> Where does the 6 digit pin originate?
That pin was part of the now no longer supported login mechanism into your gdrive account, it wasn't used by LibreOffice as a pin or password to protect the documents, but rather just how the login worked..
> I imagine even if LO fixes the issue then "newer" LO users who haven't
> previously availed themselves of the service simply won't have a 6 Digit PIN.
And they won't need that pin.
> That's certainly my situation. I'm not trying to access existing files, just
> trying to implement the cloud storage for some CALCs by File> Open Remote>
> Add Service (from the dropdown menu defaulting to Manage services.
Both cases will be solved when the login/token generation is changed as described in comment#67, similar as it has been done for onedrive for 7.1.0 (fixing gdrive login is on the todo, but just didn't make it into 7.1.0).
So then the user-experience would be (for the time being):
* User chossed to open/save to remote service
* LO asks to copy the login URL to browser
* User logs in to the service using their browser, granting LibreOffice the access privileges if not already done so in the past
* browser will return a code that has to be pasted back into the LibreOffice window
→ for the duration of the LO session, LO can then create access tokens and won't have to ask the user again.
To be fully clear: I know that this is not a great user-experience, so the copy-the-code-back to the LibreOffice window can be solved by having LibreOffice listen on a localhost address and setting the redirect URL to that localhost address, so that would eliminate the need for manually copy'n'paste.
But the bigger drawback is that currently LibreOffice doesn't store the refresh_token, so it will have to ask every time LO is started and the files are accessed. (typically they are valid for multiple weeks/months)
They should be securely stored locally, so the most natural way would be to use LibreOffice's password-store for that, so the user only would have to unlock it using the master password and not do the login-dance.
(In reply to Christian Lohmaier from comment #73)
> (In reply to Colin from comment #70)
> To be fully clear: I know that this is not a great user-experience, so the
> copy-the-code-back to the LibreOffice window can be solved by having
> LibreOffice listen on a localhost address and setting the redirect URL to
> that localhost address, so that would eliminate the need for manually
That's infinitely superior to Write LO Calc > Export to eXcel> Upload to GDrive> open with G.Sheets> Modify to mitigate the G.Sheet inadequacies> Work with G.Sheets until the next function change> Copy'n'Paste unformatted data to source LOCalc and then recycle. Still, I'm becoming a Wiz at version control;)).
Christian, thank you for taking the time to inform us. Much appreciated.
You advise it didn't make the cut to 7.1 - is there a guestimate as to when it might be available?
Can we adjust the bug report to reflect a later version of LO instead of old unsupported versions? Currently, it's set to 220.127.116.11.
(In reply to Christian Lohmaier from comment #73)
> But the bigger drawback is that currently LibreOffice doesn't store the
> refresh_token, so it will have to ask every time LO is started and the files
> are accessed. (typically they are valid for multiple weeks/months)
> They should be securely stored locally, so the most natural way would be to
> use LibreOffice's password-store for that, so the user only would have to
> unlock it using the master password and not do the login-dance.
Thanks, Christian. Do you know if there's a bug report for this? I want to follow its updates.
(In reply to yogeshg from comment #75)
> Can we adjust the bug report to reflect a later version of LO instead of old
> unsupported versions? Currently, it's set to 18.104.22.168.
As the label says, the version field is for the earliest (known) affected version, in general it's useful for narrowing down when a bug was introduced, to hint at whether it's a more recent regression/implementation error, or whether it was already in the first LO version.