Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can neither use existing nor register new FIDO2 token with "FIDO U2F" → install Webauthn addon for two-factor #614

Closed
nursoda opened this issue Jul 10, 2024 · 1 comment
Closed

Can neither use existing nor register new FIDO2 token with "FIDO U2F" → install Webauthn addon for two-factor #614

nursoda opened this issue Jul 10, 2024 · 1 comment
Labels
Bug

Comments

@nursoda
Copy link

nursoda commented Jul 10, 2024

Describe the bug

I had a Solo Micro USB FIDO2 token registered approx. a year ago. It used to work fine.
I tried to log in today, 2FA using the (default) token didn't work, neither in FX nor Chromium:
The token wouldn't was not accessed (i.e. turn from green to orange).
It does work on other Websites such as my self-hosted Nextcloud.
I also tried with differen FIDO2 tokens such as Yubikey 5, Nitrokey and Solo 2.
That only leaves Linux (but Nextcloud works there) and the PlugIn.

Steps to Reproduce

  1. Have two-factor installed and enabled
  2. Go to profile, activate some other, like email and TOTP
  3. Try to register a security key (in the lower section)

This does not start the process for me: None of my devices enters "register" state. I just see the spinner:

Screenshots, screen recording, code snippet

grafik

Environment information

I'm on (Arch) Linux, Webserver is hosted, Apache.
WP 6.5.5, Elementor, custom Theme, Elementor 3.22.3, two-factor 0.9.1.

Please confirm that you have searched existing issues in this repository.

Yes

Please confirm that you have tested with all plugins deactivated except Two-Factor.

No
@nursoda nursoda added the Bug label Jul 10, 2024
@dd32
Copy link
Member

dd32 commented Jul 10, 2024

Hi @nursoda,

Browsers have deprecated the U2F standard which the Two-Factor plugin uses for security keys. As a result, you will be unable to authenticate.

My personal recomendation is to install the WebAuthN plugin: https://wordpress.org/plugins/two-factor-provider-webauthn/

See #423
@dd32 dd32 closed this as not planned Won't fix, can't repro, duplicate, stale Jul 10, 2024
@nursoda nursoda changed the title Can neither use existing nor register new FIDO2 token Jul 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug
2 participants
@dd32 @nursoda