Bank HaPoalim is asking for 2FA in chromium

[liranelisha]

starting last week, Bank HaPoalim is asking for elevated privileges via 2FA through the phone for unknown sessions, causing each run from the scraper to prompt the 2FA

[daniel-hauser]

Where do you run the scraper from? It might be related to the location of the servers.
I'm running in GitHub actions and never got a 2fa request

[liranelisha]

i run it locally from a machine in israel

[JavierChames]

Hi ,i have the same issue(running the code on raspberry pi)-any idea for a solution?

[baruchiro]

@galbarm

[gbarmashiahflir]

Happens to me to well.
What's weird is that when testing with showBrowser: true, the login finishes successfully and no 2FA is requested.

[liranelisha]

@gbarmashiahflir yeah, that's my mitigation as well. when scrapping hapoalim i show browser. that makes sense as the headlesss browser and headed browser has different signature, making the headed browser show the 2fa once, and once solved not showing it again. however this isn't possible with headless browser.
waiting to see if there could be a more reliable solution

[ranrib]

I'm experiencing the same issue. It looks like when I'm trying a new machine/IP (changing somehow my signature), it asks for 2FA again.

[JavierChames]

i found a "kind" of workaround for my case, I use raspberry pi, usually i installed a light version of Raspbian os(OS for raspberry pi) with no desktop(only cli)-this time i installed the desktop version enter to the browser-get the SMS to enter the code, enter to the site. and then tried again the script-this time it worked..not the best-but for my case its seems to work 🤣

[github-actions]

Issue has been marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[baruchiro]

I think now with One Zero, this project supports the 2FA process.

Maybe we can configure HaPoalim to use a 2FA process when needed.

[JavierChames]

Hi
the issues occurs again..it worked and somehow it request for 2F now.any idea anyone?

[liranelisha]

it reoccurs on my machine as well every 3 or 4 months

[JavierChames]

@liranelisha any idea for solution?

[JavierChames]

@sebikaplun maybe you? :-) regarding the issue of 2FA for Bank hapoalim?

[sr01]

An OTP is required when using a new device. The device identifier is stored in local storage. To persist it, Puppeteer must be configured with userDataDir.

[JavierChames]

The issue is that its not a new device...
For example, i run it from Raspberry pi, when i open the browser there is no issue.
But if i run the script it requires the 2FA...