Some code become Invalid after set a password

This bug can be reproduced in the latest code in dev branch

<del>1. Export an encrypted backup 2. Open a new Authenticator instance (do a rest before test, make sure no password is set in Authenticator) 3. Import the backup with correct password 4. Set a different password in security menu 5. Some code become Invalid</del>

This bug won’t make all code Invalid, but all code are broken with incorrect results.

Update:

This issue has no relationship with import backups.

It seems when we set a password, we failed to set encrypted flag for existing entries.

1. Open a new Authenticator instance (do a rest before test, make sure no password is set in Authenticator)
2. Add a new account
3. Set a password in security menu
4. Execute chrome.storage.sync.get(console.log) to see result

The existing account secret has been encrypted, but the encrypted flag is still set to false.

Still digging

Update2:

The latest code has fixed this issue. This issue doesn’t affect any published versions of Authenticator.

The root cause of this bug is because we retired encrypted flag and use a new field encSecret to handle detecting encrypted secret. There is a logic mistake to migrate this change. We have also created a new issue to remove encrypted flag to make the logic clear.