Getting please enter correct credentials error

[cr4zyw3ld3r]

Hello it looks like on some machines when using NFCloc after a few restarts adding new keys causes the software to no longer recognize the password when adding the NFC key. Does anyone know the cause and/or how to fix?

[maz-net-au]

Which version of Windows are you using? Is this when using NFCRing.UI.View or CredentialRegistration to add the new nfc token? Does restarting the pc fix it? Can you paste the exact error message you're getting and I can try and use that to find the piece of code that might be the problem.

[cr4zyw3ld3r]

This is happening on Windows 10 Pro (19044.2965) Happening during CredentialRegistration while adding new token. So far restarts have not gotten it back up. The exact error has been "Your credentials could not be verified" so after we scan the key and enter the password this happens. Interestingly this machine has 6 other keys on it already that were added w/o issues.

[cr4zyw3ld3r]

We are using ARC122U w/ Yubikey 5 NFC

[maz-net-au]

Perfect. That's my code and i have exactly that hardware and a similar version of windows. I can have a look at it for you but my first guess is that the yubikey is a crypto device and probably reports a random id each time you swipe it. A check was put in the code explicitly to detect that and stop you locking yourself out.

---

From: cr4zyw3ld3r @.***> Sent: Wednesday, April 10, 2024 1:42 AM To: mclear/Sesame Cc: Maz; Comment Subject: Re: [mclear/Sesame] Getting please enter correct credentials error (Issue #30)

We are using ARC122U w/ Yubikey 5 NFC

— Reply to this email directly, view it on GitHubhttps://github.com/mclear/Sesame/issues/30#issuecomment-2045513219, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACKW3A7AGCWBGSXCN6PQYRTY4QD3LAVCNFSM6AAAAABF6AMZASVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANBVGUYTGMRRHE. You are receiving this because you commented.Message ID: @.***>

[cr4zyw3ld3r]

Its possible, but we have other machines already deployed with this that see no issues. So far we have 3 that have started behaving this way out of nowhere. The one I am talking about above also has windows updates disabled due to internal app testing, the other two have the later versions. So not entirely sure what is happening. But happy to send logs your way if needed.

[maz-net-au]

I've never tried to use my yubikey this way. There's way more secure things it can do than the nfc software supports.

I'll try it with mine in the next day or so and see if i can replicate the problem and let you know how it goes.

---

From: cr4zyw3ld3r @.***> Sent: Wednesday, April 10, 2024 1:55 AM To: mclear/Sesame Cc: Maz; Comment Subject: Re: [mclear/Sesame] Getting please enter correct credentials error (Issue #30)

Its possible, but we have other machines already deployed with this that see no issues. So far we have 3 that have started behaving this way out of nowhere. The one I am talking about above also has windows updates disabled due to internal app testing, the other two have the later versions. So not entirely sure what is happening. But happy to send logs your way if needed.

— Reply to this email directly, view it on GitHubhttps://github.com/mclear/Sesame/issues/30#issuecomment-2045538400, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACKW3AZG2HWKZ4W6JECSG2DY4QFIBAVCNFSM6AAAAABF6AMZASVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANBVGUZTQNBQGA. You are receiving this because you commented.Message ID: @.***>

[cr4zyw3ld3r]

Much appreciated.

[cr4zyw3ld3r]

Here is one log that may be of interest https://pastebin.com/WbeVKgdg (edit 4/11/24) It looks like the password issue on some machines might be related to Bitlocker key being out of sync with TPM. We are investigating this.

(edit 4/10/24)seeing more errors today :( one of them was: unterminated string. Expected delimiter: ". Path'Plugins[1].Parameters[1].Datatype', line1,position 10000.

^this one might be due to the OS sometimes installing the Microsoft Usbccid Smartcard Reader (WUDF) driver instead of the ACR122U which I have not found a way to lock the driver for the device to the user logged in to take away ownership from the system.

the other: The network path was not found

Cannot make any sense of why this one is happening.

[cr4zyw3ld3r]

Seeing this in one of the machine logs this one running Win10 ver 19045.3930 we see no such issue on 19044.2965 so it could be something in the later patches that removed the WSA function?