Unable to register master password when FIPS mode is enabled

[ghost]

Easy Passwords 1.0.0 / Firefox 45.0.2 64-BIT / Windows 7SP1 Home 64-BIT

Unable here to enter a master password. Whatever I input and confirm, the password is not registered.

If I overcome this issue I'll have to know as well how to deal with installed passwords already handled by Firefox's password manager. I mean : there are several points to know when it comes to transferring the password management from one tool to another.

[palant]

What does "the password is not registered" mean exactly? You enter your master password twice, click "set master password" and what happens then?

I tried your exact setup but couldn't see any issues.

[ghost]

What happens then is the problem : nothing. If I click elsewhere, Easy Passwords' popup closes and when reopened asks again for the master password => my input is not, was not recorded.

If you've succeeded with my exact setup then maybe does Easy Passwords rely on a setting I may have modified in about:config (no problems, I'm aware). If so, this will be problematic.

No disk cache here and my Firefox profile is on a RamDisk, for what it may be worth.

[palant]

Could you go to about:support, click "Copy text to clipboard" and then paste it here? This will contain your modified prefs among other things.

[ghost]

I've pasted only the 'Important Modified Preferences' section because elsewhere contains confidential information.

Important Modified Preferences

accessibility.typeaheadfind.flashBar: 0 accessibility.typeaheadfind.prefillwithselection: false browser.cache.check_doc_frequency: 3 browser.cache.disk_cache_ssl: false browser.cache.disk.capacity: 0 browser.cache.disk.enable: false browser.cache.disk.filesystem_reported: 1 browser.cache.disk.parent_directory: H:\FF.MICHEL\CACHE browser.cache.disk.smart_size.enabled: false browser.cache.disk.smart_size.first_run: false browser.cache.disk.smart_size.use_old_max: false browser.cache.frecency_experiment: -1 browser.cache.memory.capacity: 512000 browser.cache.memory.enable: true browser.cache.memory.max_entry_size: -1 browser.cache.offline.capacity: 0 browser.cache.offline.enable: false browser.cache.offline.parent_directory: H:\FF.MICHEL\CACHE browser.display.background_color: #E8E8FF browser.display.document_color_use: 1 browser.display.foreground_color: #000000 browser.display.use_document_fonts: 0 browser.download.folderList: 2 browser.download.hide_plugins_without_extensions: false browser.download.importedFromSqlite: true browser.download.manager.addToRecentDocs: false browser.download.manager.alertOnEXEOpen: true browser.download.manager.quitBehavior: 2 browser.download.useDownloadDir: false browser.fixup.alternate.enabled: true browser.link.open_newwindow.restriction: 0 browser.places.smartBookmarksVersion: 7 browser.search.openintab: true browser.search.suggest.enabled: false browser.search.update: false browser.search.useDBForOrder: true browser.sessionstore.interval: 2147483647 browser.sessionstore.max_resumed_crashes: 0 browser.sessionstore.max_tabs_undo: 10 browser.sessionstore.max_windows_undo: 0 browser.sessionstore.privacy_level: 2 browser.sessionstore.privacy_level_deferred: 2 browser.sessionstore.resume_from_crash: false browser.sessionstore.upgradeBackup.latestBuildID: 20160407164938 browser.startup.homepage_override.buildID: 20150917150946 browser.startup.homepage_override.mstone: ignore browser.tabs.animate: false browser.tabs.closeWindowWithLastTab: false browser.tabs.insertRelatedAfterCurrent: false browser.tabs.loadInBackground: false browser.tabs.remote.desktopbehavior: false browser.tabs.tabMaxWidth: 255 browser.tabs.tabMinWidth: 50 browser.tabs.warnOnClose: true browser.tabs.warnOnCloseOtherTabs: true browser.tabs.warnOnOpen: true browser.urlbar.autocomplete.enabled: true browser.urlbar.autoFill: false browser.urlbar.autoFill.typed: false browser.urlbar.clickSelectsAll: false browser.urlbar.default.behavior: 2 browser.urlbar.doubleClickSelectsAll: true browser.urlbar.filter.javascript: true browser.urlbar.maxRichResults: 24 browser.urlbar.suggest.history: false browser.urlbar.suggest.openpage: false browser.urlbar.suggest.searches: false browser.urlbar.trimURLs: false browser.urlbar.unifiedcomplete: false browser.urlbar.userMadeSearchSuggestionsChoice: true browser.zoom.siteSpecific: true dom.allow_scripts_to_close_windows: false dom.apps.reset-permissions: true dom.battery.enabled: false dom.disable_beforeunload: true dom.disable_window_flip: true dom.disable_window_move_resize: true dom.disable_window_open_feature.close: true dom.disable_window_open_feature.location: true dom.disable_window_open_feature.menubar: true dom.disable_window_open_feature.minimizable: true dom.disable_window_open_feature.personalbar: true dom.disable_window_open_feature.resizable: true dom.disable_window_open_feature.scrollbars: true dom.disable_window_open_feature.status: true dom.disable_window_open_feature.titlebar: true dom.disable_window_open_feature.toolbar: true dom.disable_window_status_change: true dom.enable_performance: false dom.enable_resource_timing: false dom.enable_user_timing: false dom.event.clipboardevents.enabled: false dom.event.contextmenu.enabled: true dom.gamepad.enabled: false dom.idle-observers-api.enabled: false dom.indexedDB.enabled: true dom.ipc.plugins.flash.subprocess.crashreporter.enabled: false dom.ipc.plugins.reportCrashURL: false dom.max_chrome_script_run_time: 60 dom.max_script_run_time: 30 dom.messageChannel.enabled: false dom.mozApps.maxLocalId: 0 dom.mozApps.signed_apps_installable_from: dom.mozApps.used: true dom.netinfo.enabled: false dom.network.enabled: false dom.placeholder.show_on_focus: false dom.popup_maximum: 3 dom.push.connection.enabled: false dom.push.enabled: false dom.push.serverURL: dom.push.udp.wakeupEnabled: false dom.push.userAgentID: dom.requestSync.enabled: false dom.serviceWorkers.enabled: false dom.storage.enabled: true dom.telephony.enabled: false dom.vibrator.enabled: false dom.vr.enabled: false dom.vr.oculus.enabled: false dom.vr.oculus050.enabled: false dom.w3c_touch_events.enabled: 0 dom.webnotifications.enabled: false dom.webnotifications.serviceworker.enabled: false dom.workers.sharedWorkers.enabled: false extensions.checkCompatibility: false extensions.checkCompatibility.45.0: false extensions.lastAppVersion: 45.0.2 font.default.x-western: sans-serif font.internaluseonly.changed: false font.minimum-size.x-western: 9 font.name.monospace.x-western: Consolas font.name.serif.x-western: Arial font.size.fixed.x-western: 14 font.size.variable.x-western: 14 gfx.crash-guard.d3d11layers.appVersion: 45.0.2 gfx.crash-guard.d3d11layers.deviceID: 0x0f00 gfx.crash-guard.d3d11layers.driverVersion: 10.18.13.5900 gfx.crash-guard.d3d11layers.feature-d2d: true gfx.crash-guard.d3d11layers.feature-d3d11: true gfx.crash-guard.glcontext.gfx.driver-init.direct3d11-angle: true gfx.crash-guard.glcontext.gfx.driver-init.webgl-angle: true gfx.crash-guard.glcontext.gfx.driver-init.webgl-angle-force-d3d11: false gfx.crash-guard.glcontext.gfx.driver-init.webgl-angle-force-warp: false gfx.crash-guard.glcontext.gfx.driver-init.webgl-angle-try-d3d11: true gfx.crash-guard.status.d3d11layers: 2 gfx.crash-guard.status.d3d9video: 2 gfx.crash-guard.status.glcontext: 2 gfx.direct3d.last_used_feature_level_idx: 0 gfx.downloadable_fonts.enabled: true gfx.driver-init.appVersion: 42.0 gfx.driver-init.deviceID: 0x0f00 gfx.driver-init.driverVersion: 10.18.13.5900 gfx.driver-init.feature-d2d: true gfx.driver-init.feature-d3d11: true gfx.driver-init.status: 2 gfx.layerscope.enabled: false image.mem.discardable: false javascript.enabled: true javascript.options.asmjs: false keyword.enabled: true media.autoplay.enabled: true media.cache_size: 1024000 media.directshow.enabled: true media.eme.apiVisible: false media.eme.enabled: false media.getusermedia.browser.enabled: false media.getusermedia.screensharing.allowed_domains: media.getusermedia.screensharing.enabled: false media.gmp-eme-adobe.enabled: false media.gmp-gmpopenh264.enabled: false media.gmp-gmpopenh264.provider.enabled: false media.gmp-manager.buildID: 20160407164938 media.gmp-manager.cert.checkAttributes: false media.gmp-manager.cert.requireBuiltIn: false media.gmp-manager.certs.1.commonName: media.gmp-manager.certs.1.issuerName: media.gmp-manager.certs.2.commonName: media.gmp-manager.certs.2.issuerName: media.gmp-manager.url: media.gmp-provider.enabled: false media.gmp.trial-create.enabled: false media.hardware-video-decoding.failed: false media.mediasource.enabled: true media.mediasource.webm.enabled: true media.navigator.enabled: false media.navigator.permission.disabled: true media.navigator.video.enabled: false media.peerconnection.default_iceservers: media.peerconnection.enabled: false media.peerconnection.ice.default_address_only: true media.peerconnection.identity.enabled: false media.peerconnection.identity.timeout: 1 media.peerconnection.turn.disable: true media.peerconnection.use_document_iceservers: false media.peerconnection.video.enabled: false media.peerconnection.video.h264_enabled: false media.play-stand-alone: true media.video_stats.enabled: false media.webspeech.recognition.enable: false network.allow-experiments: false network.buffer.cache.size: 262144 network.cookie.cookieBehavior: 1 network.cookie.lifetime.days: 999 network.cookie.prefsMigrated: true network.dns.blockDotOnion: true network.dns.disableIPv6: true network.dns.disablePrefetch: true network.dns.disablePrefetchFromHTTPS: true network.dns.get-ttl: false network.http.fast-fallback-to-IPv4: true network.http.referer.spoofSource: false network.http.referer.trimmingPolicy: 0 network.http.referer.XOriginPolicy: 1 network.http.sendRefererHeader: 2 network.http.sendSecureXSiteReferrer: false network.http.speculative-parallel-limit: 0 network.http.use-cache: true network.jar.block-remote-files: true network.jar.open-unsafe-types: false network.predictor.enabled: false network.predictor.max-db-size: 0 network.prefetch-next: false network.protocol-handler.external.ms-windows-store: false network.protocol-handler.warn-external.ms-windows-store: true network.protocol-handler.warn-external.news: true network.protocol-handler.warn-external.nntp: true network.protocol-handler.warn-external.snews: true network.websocket.enabled: false places.database.lastMaintenance: 1460743429 places.history.expiration.transient_current_max_pages: 394 plugin.default.state: 0 plugin.defaultXpi.state: 0 plugin.disable_full_page_plugin_for_types: application/pdf plugin.expose_full_path: true plugin.importedState: true plugin.persistentPermissionAlways.intervalInDays: 999 plugin.scan.plid.all: false plugin.sessionPermissionNow.intervalInMinutes: 0 plugin.state.flash: 0 plugin.state.java: 0 plugin.state.np_prsnl: 0 plugin.state.npatgpc: 0 plugin.state.npbispbrowser: 0 plugin.state.npboxedit: 0 plugin.state.npchip: 0 plugin.state.npciscowebcommunicator: 0 plugin.state.npesteid-firefox-plugin: 0 plugin.state.npfacebookvideocalling: 0 plugin.state.npgcplugin: 0 plugin.state.npmcafeemss: 0 plugin.state.npmcffplg: 0 plugin.state.npmeetingjoinpluginoc: 0 plugin.state.npmozcouponprinter: 0 plugin.state.npmvtplugin: 0 plugin.state.npnipp: 0 plugin.state.npnisp: 0 plugin.state.npplayerplugin: 0 plugin.state.nprobloxproxy: 0 plugin.state.npskypewebplugin: 0 plugin.state.npunity3d: 0 plugin.state.npvidyoweb: 0 plugin.state.npviewright: 0 plugin.state.npwebcard: 0 plugins.click_to_play: true plugins.hide_infobar_for_missing_plugin: true plugins.update.notifyUser: false print.printer_Bullzip_PDF_Printer.print_bgcolor: false print.printer_Bullzip_PDF_Printer.print_bgimages: false print.printer_Bullzip_PDF_Printer.print_colorspace: print.printer_Bullzip_PDF_Printer.print_command: print.printer_Bullzip_PDF_Printer.print_downloadfonts: false print.printer_Bullzip_PDF_Printer.print_duplex: 1515870810 print.printer_Bullzip_PDF_Printer.print_edge_bottom: 0 print.printer_Bullzip_PDF_Printer.print_edge_left: 0 print.printer_Bullzip_PDF_Printer.print_edge_right: 0 print.printer_Bullzip_PDF_Printer.print_edge_top: 0 print.printer_Bullzip_PDF_Printer.print_evenpages: true print.printer_Bullzip_PDF_Printer.print_footercenter: print.printer_Bullzip_PDF_Printer.print_footerleft: &PT print.printer_Bullzip_PDF_Printer.print_footerright: &D print.printer_Bullzip_PDF_Printer.print_headercenter: print.printer_Bullzip_PDF_Printer.print_headerleft: &T print.printer_Bullzip_PDF_Printer.print_headerright: &U print.printer_Bullzip_PDF_Printer.print_in_color: true print.printer_Bullzip_PDF_Printer.print_margin_bottom: 0.5 print.printer_Bullzip_PDF_Printer.print_margin_left: 0.5 print.printer_Bullzip_PDF_Printer.print_margin_right: 0.5 print.printer_Bullzip_PDF_Printer.print_margin_top: 0.5 print.printer_Bullzip_PDF_Printer.print_oddpages: true print.printer_Bullzip_PDF_Printer.print_orientation: 0 print.printer_Bullzip_PDF_Printer.print_page_delay: 50 print.printer_Bullzip_PDF_Printer.print_paper_data: 9 print.printer_Bullzip_PDF_Printer.print_paper_height: 11,00 print.printer_Bullzip_PDF_Printer.print_paper_name: print.printer_Bullzip_PDF_Printer.print_paper_size_type: 0 print.printer_Bullzip_PDF_Printer.print_paper_size_unit: 1 print.printer_Bullzip_PDF_Printer.print_paper_width: 8,50 print.printer_Bullzip_PDF_Printer.print_plex_name: print.printer_Bullzip_PDF_Printer.print_resolution: 1515870810 print.printer_Bullzip_PDF_Printer.print_resolution_name: print.printer_Bullzip_PDF_Printer.print_reversed: false print.printer_Bullzip_PDF_Printer.print_scaling: 1,30 print.printer_Bullzip_PDF_Printer.print_shrink_to_fit: true print.printer_Bullzip_PDF_Printer.print_to_file: false print.printer_Bullzip_PDF_Printer.print_unwriteable_margin_bottom: 0 print.printer_Bullzip_PDF_Printer.print_unwriteable_margin_left: 0 print.printer_Bullzip_PDF_Printer.print_unwriteable_margin_right: 0 print.printer_Bullzip_PDF_Printer.print_unwriteable_margin_top: 0 print.printer_HP_LaserJet_1018.print_bgcolor: false print.printer_HP_LaserJet_1018.print_bgimages: false print.printer_HP_LaserJet_1018.print_downloadfonts: false print.printer_HP_LaserJet_1018.print_duplex: 1515870810 print.printer_HP_LaserJet_1018.print_edge_bottom: 0 print.printer_HP_LaserJet_1018.print_edge_left: 0 print.printer_HP_LaserJet_1018.print_edge_right: 0 print.printer_HP_LaserJet_1018.print_edge_top: 0 print.printer_HP_LaserJet_1018.print_evenpages: true print.printer_HP_LaserJet_1018.print_footerleft: &U print.printer_HP_LaserJet_1018.print_headercenter: &PT print.printer_HP_LaserJet_1018.print_headerleft: &T print.printer_HP_LaserJet_1018.print_headerright: &D print.printer_HP_LaserJet_1018.print_in_color: true print.printer_HP_LaserJet_1018.print_margin_bottom: 0.5 print.printer_HP_LaserJet_1018.print_margin_left: 0.5 print.printer_HP_LaserJet_1018.print_margin_right: 0.5 print.printer_HP_LaserJet_1018.print_margin_top: 0.5 print.printer_HP_LaserJet_1018.print_oddpages: true print.printer_HP_LaserJet_1018.print_orientation: 0 print.printer_HP_LaserJet_1018.print_page_delay: 50 print.printer_HP_LaserJet_1018.print_paper_data: 9 print.printer_HP_LaserJet_1018.print_paper_height: 11,00 print.printer_HP_LaserJet_1018.print_paper_size_type: 0 print.printer_HP_LaserJet_1018.print_paper_size_unit: 1 print.printer_HP_LaserJet_1018.print_paper_width: 8,50 print.printer_HP_LaserJet_1018.print_resolution: 1515870810 print.printer_HP_LaserJet_1018.print_reversed: false print.printer_HP_LaserJet_1018.print_scaling: 1,25 print.printer_HP_LaserJet_1018.print_shrink_to_fit: true print.printer_HP_LaserJet_1018.print_to_file: false print.printer_HP_LaserJet_1018.print_unwriteable_margin_bottom: 0 print.printer_HP_LaserJet_1018.print_unwriteable_margin_left: 0 print.printer_HP_LaserJet_1018.print_unwriteable_margin_right: 0 print.printer_HP_LaserJet_1018.print_unwriteable_margin_top: 0 privacy.clearOnShutdown.cache: false privacy.clearOnShutdown.cookies: false privacy.clearOnShutdown.downloads: false privacy.clearOnShutdown.formdata: false privacy.clearOnShutdown.history: false privacy.clearOnShutdown.offlineApps: false privacy.clearOnShutdown.openWindows: false privacy.clearOnShutdown.passwords: false privacy.clearOnShutdown.sessions: false privacy.clearOnShutdown.siteSettings: false privacy.cpd.cache: true privacy.cpd.cookies: false privacy.cpd.downloads: true privacy.cpd.extensions-tabmix: false privacy.cpd.formdata: true privacy.cpd.history: true privacy.cpd.offlineApps: true privacy.cpd.openWindows: false privacy.cpd.passwords: false privacy.cpd.sessions: false privacy.cpd.siteSettings: false privacy.donottrackheader.enabled: true privacy.donottrackheader.value: 1 privacy.popups.showBrowserMessage: false privacy.sanitize.migrateClearSavedPwdsOnExit: true privacy.sanitize.migrateFx3Prefs: true privacy.sanitize.sanitizeOnShutdown: false privacy.sanitize.timeSpan: 0 privacy.trackingprotection.enabled: false privacy.trackingprotection.pbmode.enabled: false security.ask_for_password: 0 security.cert_pinning.enforcement_level: 2 security.dialog_enable_delay: 0 security.disable_button.openCertManager: false security.disable_button.openDeviceManager: false security.mixed_content.block_active_content: true security.mixed_content.block_display_content: false security.OCSP.enabled: 0 security.OCSP.require: false security.password_lifetime: 30 security.ssl.enable_ocsp_stapling: false security.ssl.errorReporting.automatic: false security.ssl.errorReporting.enabled: false security.ssl.errorReporting.url: security.ssl.require_safe_negotiation: false security.ssl.treat_unsafe_negotiation_as_broken: false security.ssl3.dhe_rsa_aes_128_sha: false security.ssl3.dhe_rsa_aes_256_sha: false security.ssl3.ecdhe_ecdsa_rc4_128_sha: false security.ssl3.ecdhe_rsa_rc4_128_sha: false security.ssl3.rsa_rc4_128_md5: false security.ssl3.rsa_rc4_128_sha: false security.tls.insecure_fallback_hosts.use_static_list: false security.tls.unrestricted_rc4_fallback: false security.xpconnect.plugin.unrestricted: false services.sync.declinedEngines: storage.vacuum.last.index: 1 storage.vacuum.last.places.sqlite: 1460377876 storage.vacuum.last.queue.sqlite: 1436199242 webgl.disable-extensions: false webgl.disabled: false webgl.min_capability_mode: false

[palant]

These preferences sure are a footgun but I couldn't immediately identify any that would affect Easy Passwords. After setting master password fails, please open Browser Console (Ctrl-Shift-J) and have a look - there must be an error message related to Easy Passwords (you can enter easypasswords into the "filter output" field).

[ghost]

For easiness I cleared first the Browser Console before starting; I clicked on Easy Login's toolbar icon which opened Master Password requirement; I entered password, I re-entered, I clicked 'Set master password' I opened Browser console, only a few lines, none with easypassword enclosed but this only:

TypeError: this._recipeManager is null LoginManagerParent.jsm:185:9 TypeError: browser is null nsLoginManagerPrompter.js:806:9 NS_ERROR_XPC_JAVASCRIPT_ERROR_WITH_DETAILS: [JavaScript Error: "browser is null" {file: "resource://gre/components/nsLoginManagerPrompter.js" line: 806}]'[JavaScript Error: "browser is null" {file: "resource://gre/components/nsLoginManagerPrompter.js" line: 806}]' when calling method: [nsILoginManagerPrompter::promptToSavePassword] LoginManagerParent.jsm:532:0

I forgot to mention that when I click on 'Set master password' the popup resizes by a few pixels on each click ... weird.

First, thanks a lot Palant for taking on your time. I hope the solution will be prove to be helpful for all. I'm searching on my side.

[palant]

The Login Manager error is expected - I couldn't find any way to stop the Login Manager from messing with this pop-up, it will always try and error out. But this doesn't break anything. Strange...

[ghost]

Eureka! I found the culprit. Using Firefox's default Password Manager I had tightened it by enabling FIPS in Options / Advanced / Certificates / Security Devices / Enable FIPS Disabling FIPS and restarting Firefox led to Easy Passwords running perfectly well (at this stage anyway).

Well, you learn every day :)

[palant]

Thank you for identifying the culprit, I've never had to deal with FIPS mode before. It seems that only FIPS-approved crypto algorithms are allowed when FIPS mode is enabled - and PBKDF2 isn't one of them. My impression is that PBKDF2 isn't disapproved per se, it's simply the implementation of this algorithm in NSS that was never certified. Most likely nobody cared enough, this algorithm isn't relevant for HTTPS. Either way, Easy Passwords cannot possibly work if this algorithm is disabled.

The only remaining question is why there is no error message whatsoever.

[ghost]

For one, I believe the FIPS mode is seldom used. I had set it when I opted for a Master password here in Firefox in a general concern about my passwords' encryption. I learned afterwards that the FIPS mode also had an incidence on HTTPS ciphers... sorry for such approximations, I'm a simple non-techie user trying to make his way to optimizing security & privacy matters everywhere I possibly can.

For two, using Simple Passwords would naturally lead to stop focusing on FIPS, here anyway since my aim of optimizing my passwords' management would be de facto satisfied.

For three -- and this is out of the scope of my post (thanks for renaming it by specifying FIPS now that we know that was the culprit) -- may I take this opportunity for exposing a point I don't understand concerning the very way Easy Passwords (EP) is built to operate?

OK- FIPS disabled - EP Installed, Master password for EP registered. I go to a site for which I have already a login -> no problem, I enter my accreditation in EP as Legacy. Done. I return to the site, EP shows correctly my user name and user password, but clicking on my EP's reference, only my password is sent to the site's login, not my user name ... What am I missing?

Sorry to add this here but 1- This must be so obvious that I don't see why opening a new post for it, 2- if there is any better suited area for questions (not issues as here) then please tell me the best place in town :)

[palant]

You can set a master password without enabling FIPS mode, there is really little reason to use it unless you work for a US government agency. I could confirm (here, on page 5) that PBKDF2 is indeed a FIPS-approved algorithm. So it being disabled in FIPS mode is an issue with the Firefox (NSS) implementation, not the algorithm itself. My problem is that I am unable to enable FIPS mode and consequently cannot test this issue...

Easy Passwords currently doesn't manage user names - the name you enter is merely a password handle, for your convenience. That's something I hope to address at a later point, filling in user names would make things much more convenient but it's not really trivial either.

[ghost]

I was aware that setting a master password required in no way enabling the FIPS mode, but thanks for making this clear. I only wished then to harden the passwords' management context.

Easy Passwords currently doesn't manage user names OK. This is bothering indeed when one wishes to combine security and easiness of use. I mean, many logins and as many (or less) user names poses the same problem as user passwords when it comes to memorizing them. Having to deal with two schemes, one for the name and one for the password is, for me and now, too uncomfortable to abandon the built-in Firefox password manager. Should Easy Passwords include user names that I'd be the first to switch to what is a much smarter and secure approach of passwords' creation and management.

Thanks for your commitment to a better Web, Palant.

[palant]

I finally realized that FIPS mode only appears to work on Windows. In fact, there is an error message being shown in the Browser Console: "OperationError: The operation failed for an operation-specific reason." Not very specific but that's what you usually get with WebCrypto API.

Either way, I can confirm that PBKDF2 cannot work in FIPS mode - meaning that the bug as filed here cannot be fixed. I created #17 on the general lack of feedback if crypto operations fail.