GmsCore icon indicating copy to clipboard operation
GmsCore copied to clipboard

Published 20 hours ago verified publisher icon microg

[WhatsApp] unable to create passkey

Open Alicele opened this issue 1 year ago • 1 comments
trafficstars

Describe the bug In the WhatsApp app -> Settings -> Account -> Passkeys -> Create Passkey, I clicked the Use current device screen lock option and verified the fingerprint information as required, but was prompted with an offline pop-up window.

To Reproduce Steps to reproduce the behavior:

  1. Go to WhatsApp app -> Settings -> Account -> Passkeys -> Create Passkey.
  2. Click on Use this device with screen lock.
  3. Verified the fingerprint information.
  4. Show offline pop-up window.

Expected behavior It will be the same as the pixel phone, showing the content after the key is successfully created.

Screenshots image

System Android Version: [ 12 ] Custom ROM: [ HarmonyOS 2.0.0 ] Device: HUAWEI Mate 60 Pro [ ALN-AL00 ]

Additional context Add any other context about the problem here.

Alicele avatar Oct 25 '24 01:10 Alicele

How can I reproduce this ?

I went to WhatsApp app -> Settings -> Account -> Passkeys -> Create Passkey. A popup for bitwarden appear to save the passkey Passkey saved in bitwarden.

I dont even get the option to validate the passkey with fingerprint.

crDroid android 15, Poco F3

zd3sf avatar Nov 19 '24 19:11 zd3sf

Something identical with Firefox on LineageOS 20

000exploit avatar Dec 30 '24 16:12 000exploit

made a passkey today on whatsapp, 0.3.6

Sid127 avatar Jan 01 '25 20:01 Sid127

i can't make one on CalyxOS with microG 0.3.6.

Idcrafter avatar Jan 03 '25 14:01 Idcrafter

This likely is related to the Android version you use, so please always also report Android version, not only microG version.

mar-v-in avatar Jan 04 '25 10:01 mar-v-in

i use Android 15 CalyxOS 6.2.2 on a Google Pixel 9 Pro XL with a locked bootloader.

Idcrafter avatar Jan 05 '25 09:01 Idcrafter

i will also state some observations after testing passkeys with and without hardware keys. everything is tested on Android 15 and microG 0.3.6.244735 i am not logged into any google account in microG:

  1. for some reason does google think microG's internal passkey storage is a icloud thing
  2. i get prompted for the security key selection activity and can register the fingerprint or hardware key but then will it not work for some apps or services.
  3. for whatsapp does it not even give me the prompt inside microG and it just fails like it also does for other apps like the Amazon app and also paypal app and more.
  4. microG does not yet seem to offer any kind of key backupping like into a keepass or from device to device via stuff like usb, bt, nfc or wifi (this would be a great addition but could pose a security risk)

but i am impressed that passkeys already work even for internal keys and am happy to see how it will progress.

Idcrafter avatar Jan 25 '25 22:01 Idcrafter

@Idcrafter if you use CalyxOS I suggest going into their rooms for support first https://calyxos.org/community/

lucasmz-dev avatar Mar 10 '25 03:03 lucasmz-dev

hi, this won't work unless microG supports the google password manager infrastructure. whatsapp seems to create a passkey to be stored only in a password manager even on real google play services will it fail when google isn't being used as credential manager. it probably is required that you can take the passkey with you onto a another device so would the in exportable ones microG and play services make not work here. i hope this helps.

Idcrafter avatar Nov 05 '25 22:11 Idcrafter

There have been improvements regarding Fido inside microG v0.3.10. Has anyone tried with microG Services v0.3.10 and microG Companion v0.3.10?

ale5000-git avatar Nov 05 '25 23:11 ale5000-git

yes i tried this on Iode OS 6.9 with microG 0.3.10.250932 on a Pixel 6 Pro (setup as the main whatsapp device) and a Pixel 6a(set up as companion device) and it first prompted me to use keepass to save it and after disabling keepass did i try again but then did it just fail to do anything and notified me that something has gone wrong but it didn't show the popup from the image the OP had posted.

Idcrafter avatar Nov 06 '25 00:11 Idcrafter

Do you use a password manager because I think WhatsApp is using the up to date APIs which let password managers like Bitwarden work fine

BTW I have not found like one place where you can actually use this passkey, seems more like a liability ngl

lucasmz-dev avatar Nov 06 '25 17:11 lucasmz-dev

Yes i do use Keepass and did get a second number to test this and it just makes the Passkey to authenticate yourself on another device if you migrate the number probably. the passkey seems only to be used as another factor for your number if you register that number again. it is not even asked for if you set up whatsap web or similar.

But the issue here is probably that microG has no support for the google password manager api's or a implementation of the api's but with a non google backend. You cannot select microG here:

Image this would only be a nice to have if microG implements a password manager.

Idcrafter avatar Nov 06 '25 22:11 Idcrafter