U2F Security Key not supported in Windows 11

flipperdevices / flipperzero-firmware

Flipper Zero firmware source code

https://flipperzero.one

GNU General Public License v3.0

13k stars 2.75k forks source link

U2F Security Key not supported in Windows 11 #2877

Open SystemOfTheCSGO opened 1 year ago

SystemOfTheCSGO commented 1 year ago

Describe the enhancement you're suggesting.

The current module of security key U2F is not supported by windows.

Reproduction

Use the firmware as usual, get a clean install of windows 11, try to link the security key from flipper to windows, you will get a error: this device is not certified.

Anything else?

This can be bypassed emulating headers of a certified key. (I’ve seen it done before, at least a homemade microsoft certified’ seckey.)

doomwastaken commented 1 year ago

Hello, got a few questions about the build that you are using, is that corporate build or any beta version by any chance?

kamilskrzypek4 commented 1 year ago

The key for MS products like Windows, O365 needs to be FIDO2, as far as I know flipper is FIDO1. Any chance for FIDO2 on flipper hardware?

zhiyan114 commented 1 year ago

The key for MS products like Windows, O365 needs to be FIDO2, as far as I know flipper is FIDO1. Any chance for FIDO2 on flipper hardware?

I feel like it would be a security risk, especially since FIDO2 is usually a passwordless login. Definitely safer to get a separate security key for it.

skotopes commented 1 year ago

We'll try to pack it in future updates.

SolarSciencePup commented 1 year ago

We'll try to pack it in future updates.

Any news?

skotopes commented 1 year ago

Not really, plans are to complete NFC refactoring, then BadUSB/BadUART, and then U2F/FIDO.

Mechcondrid commented 10 months ago

Any news? this would help me out since now i need this for U2F on work repos

Kevin1904 commented 9 months ago

i am also interested in this

dol4inart commented 9 months ago

Hey there. I can help with developing U2F/FIDO :) But I don't know how work U2F in Windows :(

alexh3791 commented 9 months ago

I just wanted to chime in and say that I'm really looking forward to FIDO2 on the Flipper as well.

Adding NFC support to the U2F/FIDO app would be extremely helpful, too, since I authenticate from an iPhone more often than a laptop/desktop at this point.

randoassuser commented 8 months ago

Does the Flipper (even with XFW) really not support FIDO2? It does not work on my iPhone via lightning cable I‘m so disappointed like tf

bomkz commented 4 months ago

Not really, plans are to complete NFC refactoring, then BadUSB/BadUART, and then U2F/FIDO.

From what I see searching around the repo, NFC refactoring has been completed, I may be wrong and/or misinterpreted, I'm not sure about whether BadUSB/BadUART has been, but if so, is FIDO2 support still in the pipeline?

skotopes commented 4 months ago

In a long term FIDO2 is on the roadmap. But right now no one is working on it and we also'd like to have proper secure enclave before going further.