Vlad I would suggest showing a prompt explaining the need for the full disk access when the user puts a focus on a text input having the autocomplete="one-time-code" attribute. If user declines, it still should be accessible from the "Passwords" tab in Settings. Maybe a checkbox "Autofill one-time passwords from Messages", which shows the same prompt for the full disk access when clicked. A good UX would be first explaining the need with Accept/Decline, and only on Accept the system permission window should appear.
172
Retrieve 2FA codes from messages when signing in
[1] https://developer.apple.com/documentation/security/password_autofill
[2] https://developer.apple.com/documentation/security/password_autofill/about_the_password_autofill_workflow
Not sure whether that's 100% relevant, but could be a starting point?
Quoting from [2]:
Security code. If the system can parse a security code from an SMS message, the QuickType bar shows the code for up to three minutes after it has been received. If a security code arrives while the text input view is selected, the system pushes the incoming code to the QuickType bar.
To test the format of your SMS code for different languages, text a message to yourself. If you receive a message with an underlined security code, tap on the code. If a Copy Code option appears, the system has recognized your code.
Doesn't sound too far off, does it?
6 days later
ForumNinja404 changed the title to Retrieve 2FA codes from messages when signing in .
here's another option meanwhile this gets implemented into orion:
- use raycast as your spotlight replacement
- customize a hotkey to quickly retrieve the 2fa messages using the 2fa message retriever extensions which would make it almost similar to 1pw's
cmd + '\'for "universal auto-fill".
7 days later
Orion could use the code from that as inspiration
For those who want this feature asap, as soon as Sonoma launches the icloud password extesnions should be able to handle that.
why does my account show as deleted?
Vlad Maybe something like that?
Title: Access Messages to AutoFill 2FA
Text: Orion offers enhanced functionality to automatically scan your SMS messages for 2FA codes. To enable this feature, you'll need to grant Full Disk Access. With this permission, Orion can retrieve one-time passwords from your Messages app for AutoFill. Would you like to authorize Full Disk Access?
[ Grant Access ] [ Not Now ]
If user agrees, show them an alert with instructions how to do that (as other apps do) and two other buttons:
[ Go to System Settings ] [ Not Now ]
Please also check this convenience wrapper for requesting macOS permissions:
https://github.com/MacPaw/PermissionsKit
Vlad In my opinion, it would be great to show this the first time when the user puts a focus on a text input having the autocomplete="one-time-code" attribute. If declined, there should be another alert:
You can always turn this feature on in Orion settings.
[ OK ]
In the "Passwords" tab in Settings there should be a checkbox or an on/off indicator named "Autofill one-time passwords from Messages". When no Full Disk Access is granted, clicking it would show the same prompt explaining the need for the full disk access. When already having Full Disk Access, it should be turned on showing that AutoFill SMS 2FA is up and running.
Would this mark the message as read like Safari currently does? That way, the 'read' status syncs to iCloud and will show the message as read on connected devices that use iMessage
CoffeeMate you know what, i actually haven't noticed, lol. i'll have to check the next time. i want to say yes, but i'm not 100% sure.
24 days later
- Edited
I hope this comes to Orion. It's one of my favorite features in Safari, especially because it deletes the text from Messages after successfully logging in.
5 months later
This is the feature that prevents me from switching to Orion. As soon as it's possible to retrieve "FA codes" from SMS and email, as in Safari, I'll switch to Orion 100%.