FIDO U2F Security Keys not being enabled

[surao101]

WP Version - Version 6.1.1. Plugin Version - 0.7.3 PHP Version - 8.0 Browser - Brave version - Version 1.47.186 Chromium: 109.0.5414.119 (Official Build) (x86_64) STEPS

1. Enabled and setup "Time Based One-Time Password (TOTP)" Tested to see if it works : It Works.

2. Checked the Enabled Checkbox for FIDO U2F Security Keys and updated profile It reloaded with " FIDO U2F Security Keys" unchecked.

3. Disabled "Time Based One-Time Password (TOTP)" and updated profile.

4. Checked the Enabled Checkbox for FIDO U2F Security Keys and updated profile It reloaded with " FIDO U2F Security Keys" unchecked.

Unable to enable " FIDO U2F Security Keys"

When I tried this on another cloned install of the above, I first tried FIDO that didn't work, then I tried TOTP, that didn't get enabled either, nothing was getting enabled.

---

I tried it on Mozilla Firefox (109.0 (64-bit)) and I was able to get it to work, I was using the Brave Browser when I was facing the above issues, it doesn't work on the Brave Browser. Also when I try logging in on the Brave browser and use FIDO it doesn't work, it works on Mozilla Firefox (109.0 (64-bit))

[xiaomodao]

hello, same issue here.

Yubikey work on Firefox for me, but not work on Edge browser. edge browser dont open the yubikey screen. edge version: 109.0.1518.78

[iandunn]

U2F no longer works in Chrome or browsers based on it. #423 has more info.

The provider not enabling sounds like a different issue, though.

[burnedfaceless]

Hi, U2F no longer works for me. In Chrome initially and in Safari later.

Thanks for the work on this plugin.

Edit: I want to provide more context on this. Please view this link deprecation

Edit: this pull request migrates over to the new tech. pr.

If you kindly message someone with write access and ask them to merge the pull request, we should have U2F back and running again.

[baslking]

WP 6.2 Two-Factor 0.8.1 Firefox 112.02 on MacOS 13.3.1(a) TOTP working for me FIDO does nothing. It had worked on older versions, not sure which. I deleted my Yubikey config and tried to reinstall now I get a spinning dot (and enabling is impossible because there's no configured key)

[iandunn]

https://wordpress.org/plugins/two-factor-provider-webauthn/ is an option in the mean time, until this plugin finishes building WebAuthn support.

[gstammw]

Same problem here, U2F is without function. Can neither login nor register a new key.

[baslking]

FIDO not working here either WP 6.2.2 PHP 8.1.18 FIrefox 113.02 Same spinning disk, but TOTP still works. I've used TOTP for years and never had issues, but FIDO has been pretty flaky Most FIDO sites pop up a little window waiting for the key click. No popup makes me wonder if it's being blocked, but not getting a warning...

[dd32]

This is a duplicate of #423, mostly.

The Enabled checkbox is being saved as enabled, but the UI is not showing it as enabled as it has no keys enabled (ie. The provider isn't "available" for the user). You'll see a similar behaviour if you setup Email+TOTP+FIDO+Backup codes - if you haven't configured TOTP or Generated backup codes the Checkbox will revert to unchecked.

The keys can't be enabled because FIDO / U2F is no more, and it needs to migrate (Which is what #423 is).

Ideally, until #423 is resolved the U2F provider should self-disable itself (Unless there's keys registered I guess).

[jimmiedave]

two-factor-provider-webauthn gives the "serious error with this web site" message instead of "insert and touch your security key" on current WordPress, current versions of both Firefox and Chrome on my Mac (Catalina, Intel). Had to SSH in and wipe it.

I realize that third party plugin is not yours to debug, but it's not a useful option "until" if it does this.

[kasparsd]

Closing this to keep all the FIDO deprecation discussion to #423.