Page MenuHomePhabricator

Webauthn: key unknown (due to not using the same site)
Closed, InvalidPublic

Description

In the image below you can see that after registering a FIDO2-key I cannot login via private mode (I also cannot login on another pc). It still works to disable the key and remove 2fa. Login on Github and Google works fine with this key.

Event Timeline

Der_Keks created this task.Feb 5 2020, 12:16 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 5 2020, 12:16 PM

Can you please provide a clear and complete list of steps that allow someone else to reproduce the problem without having to interpret anything, step by step? Also see https://www.mediawiki.org/wiki/How_to_report_a_bug - thanks.

Der_Keks closed this task as Resolved.Feb 5 2020, 12:41 PM
Der_Keks claimed this task.

After iterating trough the process multiple times I realized that Webauthn doesn't work crosswiki. It work's only in the same wiki I registered the key.

Do you really wanted me to copy&paste the setup-steps described in https://meta.wikimedia.org/wiki/Special:Manage_Two-factor_authentication???

Der_Keks removed Der_Keks as the assignee of this task.Feb 5 2020, 12:41 PM
Aklapper changed the task status from Resolved to Invalid.Feb 5 2020, 4:58 PM

Do you really wanted me to copy&paste the setup-steps described in https://meta.wikimedia.org/wiki/Special:Manage_Two-factor_authentication???

@Der_Keks: No, I am not "really" asking you to copy and paste content. I asked you to follow https://www.mediawiki.org/wiki/How_to_report_a_bug and provide a clear list of steps to reproduce a problem, for example mentioning that you used https://meta.wikimedia.org/wiki/Special:Manage_Two-factor_authentication (?) though your screenshot implies that you are not on meta.wikimedia.org at all but maybe on de.wikipedia.org. Nobody knows, except for you, so everyone else has to guess.

Ok you're right, I thought it's the same backend architecture then TOTP. Will do it better next time :)

Aklapper renamed this task from Webauthn: key unknown to Webauthn: key unknown (due to not using the same site).Feb 15 2020, 4:41 PM