My1
commented
4 years ago juat wanted to note that this still seems to be a thing, on 3.0.0
Open My1 opened 4 years ago
My1
commented
4 years ago juat wanted to note that this still seems to be a thing, on 3.0.0
involved parties:
1) Solo Hacker A with 2.5.3 Firmware 2) Chrome 77.0.3865.90 on Windows 8.1 64 bit 3) demo.yubico.com/Playground
what happened:
1) registered account and added a key as "passwordless" aka resident key, chrome setup instructions confirm this by stating that a record of the site visit will be stored on the key (or whatever wording was used) 2) logged out 3) clicked on passwordless login link, clicked solo button and typed in my PIN 4) chrome says to try another key because it's not registered 5) I login with username and password to check whether the key may not have been properly stored, but I clear the webauthn part behind that no problem 6) I checked a resident credential I set up a while ago on my personal WebAuthn Sandbox no problem.
so something may be weird when creating RKs, as I am sure that I created my sandbox RK well before 2.5.3 (I have evidence of using that specific RK from my sandbox about 2 weeks ago, which was around when I finished with my sandbox)