bitwarden / clients

Bitwarden client apps (web, browser extension, desktop, and cli).
https://bitwarden.com

2FA login issues on Chrome mobile #2803

Open mderazon opened 3 years ago

mderazon commented 3 years ago

Steps To Reproduce

  1. Open vault.bitwarden.com on your Android phone
  2. Log in using username/pass
  3. Be presented with the 2FA page
  4. Open native phone dialog for 2FA automatically
  5. Touch the phone back with your Yubikey NFC Fido U2F key
  6. See error and go to step 2 again and start over

Expected Result

To be logged in

Actual Result

Can't log in

An error has occurred.
WebAuth Error: NotAllowedError: The operation either timed out or was not allowed. See:
https://www.w3.org/TR/webauthn-2/#sctn-privacy-considerations-client.

Screenshots or Videos

https://user-images.githubusercontent.com/717076/138600303-2686173d-a6cd-4d64-84c5-86ecdbbc8f32.mp4

Additional Context

Pixel 4a, Android 12. Tried on Chrome and also on Firefox.

Operating System

Android

Operating System Version

12

Web Browser

Chrome, Firefox

Browser Version

95.0.4638.50

Build Version

Android 12; Pixel 4a Build/SP1A.210812.015

Vistaus commented 2 years ago

Similar issue in Falkon web browser (which uses the Chromium engine) on Linux desktop as well. Tried multiple times to enter the 2FA codes that were sent, but every time I get “An error has occurred”.

Vistaus commented 2 years ago

New day, just tried again and it still keeps saying that an error has occurred after typing the verification code.

jhspyhard commented 2 years ago

I had problems with this as well, although it seemed to stem from registration of the Yubico security key with Bitwarden. While the interface seemed to think that the key was registered, it wasn't able to be used elsewhere to log in.

These are the steps I used to get my Yubikey security token successfully / reliably registered with Bitwarden, on a Windows 10 PC with Firefox.

  1. Insert your Yubikey Security Token into a PC USB slot and validate that you have given it a PIN using the Yubikey-Manager app.
  2. Log in to your web vault, then go to https://vault.bitwarden.com/#/settings/security/two-factor.
  3. Click the Manage button for FIDO2 WebAuthn, and provide your master password.
  4. Clear out any previously saved keys by clicking Disable All Keys or removing the existing item representing your Yubikey Security token. If presented with the main 2FA screen, again click the Manage button for FIDO2 WebAuthn and enter your master password.
  5. Do not enter a name for your new Yubikey token yet, and click the Read Key button.
  6. You will be presented with a dialog reading "Set up Windows Hello to sign in to vault.bitwarden.com as ...". Click Cancel.
  7. You will be presented with a dialog reading "Setup your security key to sign in to vault.bitwarden.com as ...". Click OK.
  8. When prompted, enter the PIN for your token, and click OK.
  9. When prompted, touch your security key's button.
  10. Now give your Key your desired name, then click Save.
  11. If you had other backup WebAuthn 2FA keys present for Bitwarden, go ahead and re-register those if they were deleted as part of step 4.
  12. Go test the 2FA token with another device.

I hope this is helpful to you folks still struggling with this.