search

passwordless-lib / fido2-net-lib

FIDO2 .NET library for FIDO2 / WebAuthn Attestation and Assertion using .NET
https://fido2-net-lib.passwordless.dev/
MIT License
1.15k stars 166 forks source link

Enter pin for usb #389

Open asharmaarcadix opened 1 year ago

asharmaarcadix commented 1 year ago

Hi,

I tried testing usb key for usernameless.

While using the usb key for log-in,

I am getting a prompt message for PIN. (Shouldn't we be able to login directly without PIN, as again remembering the pin for this key is equivalent to rember the password) image

Can you please help me over here. Is there a way to disable this PIN method and get logged-in directly. Are there any code changes for it.?

Sora2455 commented 1 year ago

The PIN is an implementation detail of your USB authenticator, the browser doesn't control it directly. The most you can do is add userVerification: "discouraged" to your create() call. See: https://developer.mozilla.org/en-US/docs/Web/API/CredentialsContainer/create

dbeinder commented 1 year ago

Another setting that can affect this, is the CredProtect extension, though currently not supported by this library: https://github.com/passwordless-lib/fido2-net-lib/issues/190