fb-messenger-cli icon indicating copy to clipboard operation
fb-messenger-cli copied to clipboard

Published 20 hours ago verified publisher icon Alex-Rose

Signing in results in forced Facebook password reset

Open jakecoppinger opened this issue 4 years ago • 8 comments

To reproduce:

  • git clone
  • npm install
  • node cli
  • sign in
  • Presented with empty conversation screen:
Select conversation :
>
  • Signed out of facebook.com in browser, sign in starts password reset process

Would this be something on fb-messenger-cli's end or Facebook being over-active in resetting passwords?

Thanks very much for all the amazing work, I don't believe you owe me anything :)

jakecoppinger avatar Sep 09 '19 00:09 jakecoppinger

I would assume this has to do with Facebook's fraud detection. I wouldn't speculate on what exactly caused the password reset but we don't have code that would actively try to do that in this app.

I did this to myself once when I was working on sign in. If for any reason the login code gets stuck in an infinite loop, you will rapidly exceed the login attempt limit.

Alex-Rose avatar Sep 21 '19 16:09 Alex-Rose

Maybe it would be a good idea to add a retry limit, and once that limit is reached, we prompt the user to ask them to login in a browser to prevent lockout / forced pw reset?

p1ho avatar Sep 21 '19 23:09 p1ho

This happened to me today. I wonder if FB recently changed something in their fraud detection algorithm.

MichaelSheely avatar Sep 23 '19 18:09 MichaelSheely

I confirm I ran into this issue as well and can't use the tool anymore either.

marcel-valdez avatar Sep 28 '19 22:09 marcel-valdez

I also have to unfortunately confirm. This has happened to me twice over the past week.

Steps I have done to reproduce problem:

  • open fb-messenger-cli
  • enter a conversation and send a message
  • exit fb-messenger-cli

10 minutes later, my account was locked and I received a message from Facebook asking me to change my password.

felleg avatar Oct 01 '19 18:10 felleg

Can confirm this issue. I normally use 2FA authentication, but fb-messenger-cli didn't accept logging in with the app-specific generated password. After disabling 2FA I was able to login, but then my account got locked down after 10 minutes.

nilsjha avatar Oct 04 '19 11:10 nilsjha

+1 Started happening to me after using fb-messenger-cli without any problems for two months

Zaraka avatar Oct 29 '19 10:10 Zaraka

I randomly installed fb-messenger-cli using npm install today, and I didn't have any issue with my password being compromised or needing a reset. Maybe this issue got resolved on Facebook's side.

felleg avatar Feb 05 '20 19:02 felleg