iPhone App: YubiKey 2FA login challenge not designed for YubiKey 5Ci

[fBwfbodGteRCA8aPwF7knF7Va0LYfB3dhgSaxK2]

• iPhone 8 Plus
• iOS 13.3
• Latest Bitwarden App
• "One of my keys supports NFC" is unchecked in the YubiKey OTP section.

When the Bitwarden iPhone app asks for your YubiKey it appears that it was originally designed for the YubiKey NEO with NFC. It should be updated to include wording for, and activation by, the YubiKey 5Ci via the lightning port.

First, the wording:

To continue, hold your YubiKey NEO against the back of the device.

Now that you can also use the YubiKey 5Ci via the lightning port, this wording should be changed to something generic or to include the YubiKey 5Ci and how to activate it (Currently: Plug YubiKey into lightning port, tap Cancel, tap the text field, and then press buttons on side of YubiKey).

Second, the text field: The way the current Bitwarden app works, to use the 5Ci you must first tap Cancel to stop the "Ready to Scan" popup window and then tap the (black on black background) text field immediately above the "Remember me" area. That text field is not at all obvious or intuitive, as you can see from Screenshot 2 below. At the very least, making that text field contrast against the black background might be necessary.

Ideally though, the whole process/popup should be changed from "Ready to Scan" to "Waiting for YubiKey", and to handle input from the 5Ci via lightning port (and USB-C for Android?) the same way it does for the NEO via NFC by automatically selecting the text field/placing the resulting key into the text field.

Thanks!

Screenshot 1 - Ready to Scan


Screenshot 2 - What text field?


[11P2wHd5En9n6JXFuSQlVtvTR2WjGkbQlRT80x8]

I'm glad I read this. I have used 5ci on the iPad version of Bitwarden in the past and it worked fine. Trying again today, it appeared not to be working. What I was missing was necessity of clicking on the invisible (black on black) text field before touching the 5ci. Works fine. Agree this UI error needs to be fixed.

[ghost]

I just ran into this and I also nominated a feature request on the Forums ... This is a little glitchy. Thanks @jrsmiley and @Ayitaka for figuring this out.

[xn6oroRnRtJd2tJ0do085029CwIigDk09ZWfg1O]

If you have a Yubikey NEO and encounter this on an iPad this experience is especially bad for a new user.

First issue; per Ayitaka comment back in 2019 Bitwarden does support the USB/Lightning hardwired keyboard key input method. Current picture and instructions do not mention that.

Next issue; the text input field where you can select and have the Yubikey as keyboard fill in the key is invisible.

I would suggest the instructions and picture shown on that page be updated to include the hardwired connection the Yubikey 5Ci and NEO (iPad) support. Also if the text input filed can be called out somehow that would help tremendously. Thank you.

[xn6oroRnRtJd2tJ0do085029CwIigDk09ZWfg1O]

This is still broken in 2023 on ios 17...

[dnepFApg29luYk56e6jemZeF4R0SejqzPuigQtW]

Finally "solved" this on iPad. The challenge dialog with the dumb NFC picture after you now chose "no NFC" when setting up YubiKey is ... scrollable. So:

• Wipe all your Yubikeys in the web app
• Uncheck "I use insecure NFC keys"
• Register your 5ci and USB-C Yubikeys
• Kill the iPad app and sign in again (swipe up from bottom edge to get to desktop, again to see running apps, flick bitwarden up to kill it)
• When you see the "tap the NFC key I don't have" picture, scroll down to reveal the button to press to instead use your 5ci or 5c.

I cannot wait till Passkey sign in and this nonsense goes away in October or whatever. I just typed in my 50+ character password over 20 times this round of trying to get it to work. Annoying.

[xn6oroRnRtJd2tJ0do085029CwIigDk09ZWfg1O]

Finally "solved" this on iPad. The challenge dialog with the dumb NFC picture after you now chose "no NFC" when setting up YubiKey is ... scrollable. So:

• Wipe all your Yubikeys in the web app
• Uncheck "I use insecure NFC keys"
• Register your 5ci and USB-C Yubikeys
• Kill the iPad app and sign in again (swipe up from bottom edge to get to desktop, again to see running apps, flick bitwarden up to kill it)
• When you see the "tap the NFC key I don't have" picture, scroll down to reveal the button to press to instead use your 5ci or 5c.

I cannot wait till Passkey sign in and this nonsense goes away in October or whatever. I just typed in my 50+ character password over 20 times this round of trying to get it to work. Annoying.

You might want to check out this issue I posted; https://github.com/bitwarden/mobile-maui/issues/2745

[dnepFApg29luYk56e6jemZeF4R0SejqzPuigQtW]

Finally "solved" this on iPad. The challenge dialog with the dumb NFC picture after you now chose "no NFC" when setting up YubiKey is ... scrollable. So:

• Wipe all your Yubikeys in the web app
• Uncheck "I use insecure NFC keys"
• Register your 5ci and USB-C Yubikeys
• Kill the iPad app and sign in again (swipe up from bottom edge to get to desktop, again to see running apps, flick bitwarden up to kill it)
• When you see the "tap the NFC key I don't have" picture, scroll down to reveal the button to press to instead use your 5ci or 5c.

I cannot wait till Passkey sign in and this nonsense goes away in October or whatever. I just typed in my 50+ character password over 20 times this round of trying to get it to work. Annoying.

You might want to check out this issue I posted; #2745

I just go by what google serves up.

However, you are right that if I find the particular place to search for each product it could be more efficient than hoping the algorithm does a good job. Today I cared again because copy paste from new iPhone to iPad is not working because reasons which broke my workaround for the NFC plague.