multiOTP / multiOTPCredentialProvider

multiOTP Credential Provider is a V2 Credential Provider for Windows 7/8/8.1/10/2012(R2)/2016 with options like RDP only and UPN name support
Apache License 2.0

Credential provider blocks browser from requesting FIDO2 auth #61

Closed MBPotier closed 2 years ago

MBPotier commented 2 years ago

Hello,

After installing the multiOTP credential provider, web browsers are unable to request FIDO2 authentication. Here is a screenshot of what the FIDO2 auth popup looks like after the multiOTP credential provider is installed:

multiotp_installed

Note that you are not prompted to touch your security key. Tapping the button on your security key anyway does not log you in to the website, and authentication fails. I tried various settings for MULTIOTP_CPUSLOGON, MULTIOTP_CPUSUNLOCK, and MULTIOTP_CPUSCREDUI in my mst, including setting them all to 3d (the most permissive option), but FIDO2 auth still failed. Below is a screenshot of how the FIDO2 auth popup looks without the multiOTP credential provider installed.

no_multiotp

When you tap the button on your security key, you are logged into the site.

Thanks.

sashaqwert commented 2 years ago

try https://github.com/multiOTP/multiOTPCredentialProvider/issues/51#issuecomment-1091635011

It seems to me that the screenshots are very similar to that problem.

MBPotier commented 2 years ago

Giving the Users group read permissions on HKEY_CLASSES_ROOT\CLSID\{FCEFDFAB-B0A1-4C4D-8B2B-4FF4E0A3D978} and setting cpus_credsui to 0d does get FIDO2 auth working. However, it also reopens the security issue described in #28.
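
The workaround above widens the ACL on the credential provider's CLSID key, which the comment notes brings back the exposure from #28. As an added example (not part of this thread and not code from the multiOTP project), the following PowerShell script lets an administrator audit whether that widened permission is present on a host. The CLSID GUID is the one quoted in the comment; the function name `Get-ClsidReadAccess` and the use of `Registry::` provider paths are assumptions of this example.

```powershell
# Added example: report which identities hold read access on the multiOTP
# credential provider CLSID key, so the workaround from this thread (granting
# BUILTIN\Users read permissions) can be detected and reviewed.
# The GUID comes from the issue; the function and paths are assumptions.

$clsidPath = 'Registry::HKEY_CLASSES_ROOT\CLSID\{FCEFDFAB-B0A1-4C4D-8B2B-4FF4E0A3D978}'

function Get-ClsidReadAccess {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Key not found: $Path"
        return @()
    }

    $readKey = [System.Security.AccessControl.RegistryRights]::ReadKey
    $acl = Get-Acl -LiteralPath $Path

    # Keep only Allow rules that grant at least ReadKey (FullControl is a superset).
    $acl.Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            (($_.RegistryRights -band $readKey) -eq $readKey)
        } |
        Select-Object IdentityReference, RegistryRights, IsInherited
}

$readers = Get-ClsidReadAccess -Path $clsidPath
$readers | Format-Table -AutoSize

# The workaround in this thread grants the Users group read access; flag that case.
$usersCanRead = $readers | Where-Object { $_.IdentityReference -like '*\Users' }
if ($usersCanRead) {
    Write-Output 'BUILTIN\Users can read the CLSID key: the #61 workaround (and the #28 exposure it reopens) is in effect.'
} else {
    Write-Output 'BUILTIN\Users has no read access to the CLSID key.'
}
```

Run it from an elevated PowerShell session on a host with the credential provider installed; a non-empty `Users` row in the table indicates the manual ACL change, which can then be reverted once the fixed release mentioned below in the thread has been deployed.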

multiOTP commented 2 years ago

This has been fixed in release 5.9.1.0. Please note also that the issue described in #28 is not a security issue, as the shared secret is only a symmetric key which was useful when the multiOTP open source server was not responding over SSL, but now the traffic is always done over SSL. Regards,