help icon indicating copy to clipboard operation
help copied to clipboard

Published 20 hours ago verified publisher icon bitwarden

Add note about re-adding NFC keys to WebAuthn article

Open dominicjaeger opened this issue 3 years ago • 2 comments

Problem: I've been trying to log in the Android app with SecurityKey NFC for the first time. To do so, I clicked through the dialogs until I got the prompt to (translated) "hold my key to the back of the device until it doesn't vibrate any more".

  • Quickly removing the key again resulted in a single vibration and NFC error & NotReadableError
  • Holding it at the back gave double vibration and "No supported application for this NFC tag"

The same behavior occured in vault.bitwarden.com in Android mobile browser and in the Android app (with the same Chrome browser). Chrome on Android Version 96.0.4664.104 Redmi Note 9 Pro MIUI Global 12.5.6 Android 11 RKQ1.200826.002

Solution: Removing and adding again the NFC key in the web vault on a computer solved the problem! Even though I still saw the "No supported application" error or "NFC read error" when using the NFC key on my phone, the vault always opened.

I can try to reproduce this with my second key in a few days.

Possibly interesting:

  • Re-adding removed the "(Migrated from FIDO)" hint
  • Logging into my Google account in Chrome on Android using NFC has been working all the time. One single time I saw the "No supported application" error, but it worked nonetheless.
  • Changing the default payment app from my banking app to undefined has not changed anything

Suggestion: Add a note about removing and adding migrated security keys in the NFC troubleshooting section in the article Two-step Login via FIDO2 WebAuthn

dominicjaeger avatar Dec 27 '21 10:12 dominicjaeger

hi @dominicjaeger

did you reproduce this with another key? Is this specifically an issue with the NFC key that is labled as (migrated from FIDO) or did you test this with another key as well?

If this is the case and is reproducible this could be added to the documentation but probably should be raised on the mobile app repo as well.

needs-coffee avatar Jan 04 '22 14:01 needs-coffee

In my first post, both keys initially had the label "Von FIDO migriert" (migrated from FIDO) Security keys

Today, I could reproduce the behavior with my second key (which still has the "Von FIDO migriert"). I made screen recordings to show what exactly happens. Sometimes I get one or two sounds as response.

https://user-images.githubusercontent.com/37143059/148640549-6e1f1cb4-d0c1-48b8-8d78-7156ab88f5fd.mp4

With the default payment app set to undefined, the message "Two-step token is invalid" appeared on Chrome on Android when trying to access vault.bitwarden.com. I haven't noticed this before. It can be seen briefly in this video:

https://user-images.githubusercontent.com/37143059/148640535-30bbf445-3b61-4310-b1d3-64215bdd6ad1.mp4

I have not yet removed & added the second key yet. If there is nothing else to test, then I would do that as next step to check if it solves the problem again.

dominicjaeger avatar Jan 08 '22 10:01 dominicjaeger