U2F Support on safari

[zmilonas]

Describe the bug
Not possible to use U2F keys in Safari

To Reproduce
Steps to reproduce the behavior:

1. Go to the security settings page (https://www.ovh.com/manager/dedicated/#/useraccount/security)
2. Click on add key under U2F
3. A popup is displayed instructing to insert the key and press the button on it
4. Nothing happens, the key doesn't react.

Expected behavior
I expected my YubiKey to light up and let me authenticate

Desktop:

• OS: macOS Catalina
• Browser Safari
• Version 14

Additional context
Maybe WebAuthn could be implemented?

https://developers.yubico.com/WebAuthn/WebAuthn_Developer_Guide/

[antleblanc]

Hi @zmilonas!

Thanks for reporting us this issue.
We are investigating and we will keep you posted as soon as a patch is deployed.

Thank you!

[ajziehl]

Also experiencing this issue on us.ovhcloud.com using both mac and windows.

Desktop 1:
OS: macOS Catalina
Browser: Chrome
Version: 87.0.4280.88 (Official Build) (x86_64)

Desktop 2:
OS: Windows 10
Browser: Chrome
Version: 86.0.4240.198 (Official Build) (x86_64)

Works properly using Firefox 83.0

[zmilonas]

Hey @antleblanc are there any updates? Because of this bug and #3013 (comment) these issues using your panel became a hassle and I'm already not recommending OVH services to anyone and starting to move off my countless domains from your service.

[lolen]

@antleblanc i have the same problem

[dzek69]

bump, same thing, windows machine

it's 2 years now since it was reported

[lolen]

@dzek69 if you really want to add support for u2f, configure add keys through Firefox and then use your other browser it worked for me

[dzek69]

@lolen thanks for suggestion, but i think i'll pass. If the adding the key is buggy and that's not the only buggy thing unfortunately about the manager I may some day get locked out of the account because using the key when logging in may get buggy too.

[Ernshow]

I have the same problem, Windows machine, Chrome 108.
Works on Firefox, however I don't want to use it just for this one specific site, not really a solution for me.

[Brandin]

This issue persists for me as well, Windows 10, Chrome Version 109.0.5414.120 (Official Build) (64-bit). Any info you need to help debug would be great, I would be happy to provide.

[Dazzler1985]

Was the same for me but it is not much effort to use firefox to add the security key after that it works on all browsers to authenticate.

[dansleboby]

VM411:545 Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('chrome-extension://kmendfapggjehodndflmmgagdbamhnfd') does not match the recipient window's origin ('null').

https://askubuntu.com/questions/844090/what-is-cryptotokenextension-in-chromium-extensions

https://codesearch.debian.net/search?q=kmendfapggjehodndflmmgagdbamhnfd&literal=1

Mayby isse is related to: https://developer.chrome.com/blog/deps-rems-95/#deprecate-u2f-api-cryptotoken

[Michael-MCP]

Just found the same with my Fido Key on safari when trying to add 2FA.
https://www.ovh.com/manager/#/dedicated/useraccount/security/mfa

[Teeed]

The same with chrome. This still does not work.

OVH developers, have fun:
https://thenewstack.io/deprecation-from-u2f-api-to-webauthn/

[alkuzad]

I noticed that Firefox used to work after Chrome disabled this but it is no longer working. The workaround is to install older Firefox (107.0) that still supports U2F.

On Windows the easiest way to do it and not to overwrite local browsers is to run scoop: scoop install [email protected] and run Firefox from ~/scoop/apps/firefox/107.0/firefox.exe

After you are done simple scoop uninstall firefox will remove it from the system, no traces left :)

[orazioedoardo]

You should fix this ASAP, it's quite embarrassing. Moving to WebAuthn would also enable creation of passkeys. Currently enrolled security keys still work at login, but registration does not on any modern browser. Related issues #9632 #9705.

[jonathandhn]

Hey, for the people that have subscribed this ticket to get informed, it works, and now passkeys works too (iCloud (bug aware, duplicated entry name at login), and Samsung Pass One Ui 6.0, Google's android pass is not (as of 14) ), and key removal is working. (MacOS Safari 17 and Chrome 119, Samsung browser One Ui 6.0).

[orazioedoardo]

bug aware, duplicated entry name at login

One of the entry is for ovh.com, the other is for (eu|ca|us).ovhcloud.com. If you saved for one domain the passkey/security key won’t work for the other so you need to guess which one is correct. Removing and adding the key seems to fix duplicate.