trustcrypto / OnlyKey-Firmware

The OnlyKey Firmware runs on the OnlyKey itself and provides the core functionality of OnlyKey.
https://docs.crp.to/firmware.html
Problem with OATH-TOTP from backups in 3.0.1 #147

Closed lewishazell closed 1 year ago

lewishazell commented 1 year ago

Hello!

I assume this issue tracker includes OnlyKey DUO firmware. Let me know if I should be somewhere else!

I've had to pull from backups a few times and I've noticed that OATH-TOTP secrets are sometimes not recovered.

It seems to be when the slot has username and password fields as well as OATH-TOTP.

If it helps, my slot looks something like this: [image: Screenshot from 2022-07-07 19-45-57]

After restoring a backup, the slot will correctly remember my username and password but fails to type a TOTP code.

onlykey commented 1 year ago

@lewishazell I think the issue here is that the DUO, if no PIN has been set, only allows you to have EITHER password or MFA, not both. It doesn't allow both as a safety/security feature so a user doesn't set up an account with both their password and MFA for the account and then lose the key. If you set a PIN on the device before doing the restore, it allows BOTH password and MFA.

lewishazell commented 1 year ago

Thanks for your reply!

I guess the order of recovery steps matters here then?

I've been setting my PIN again AFTER performing the restore step, only because it's easier to get to the config mode.

From what you're saying, password + MFA recovery will only work if I set my PIN before performing a restore?

onlykey commented 1 year ago

@lewishazell Yes, you will notice in the OnlyKey app that if you have no PIN set, you have limited options for setting up slots. Once a PIN is set, the full slot options are shown.

lewishazell commented 1 year ago

Thank you! I'll close this issue.