two-factor hardware keys no longer working in firefox

@andreagriffiths11 wrote:

Sorry for the trouble you’ve all had here. We’ve recently pushed some changes that should have re-enabled the work-around you were using previously. So please do try signing in again as you had done prior to these last few days.

 

If you continue to encounter issues though, please do let us know!

I am still seeing an issue:

macOS 10.13.6

Firefox 66.0.3 (64-bit)

security.webauth.u2f === true

This browser doesn’t support the FIDO U2F standard yet. We recommend updating to the latest Google Chrome to start using security key devices.

4 Likes

Still not working, Firefox 66.0.5 64-bit Win10, see screenshot, the notice is displayed when on Security page. 

I’m on Firefox 67 and also seeing that GitHub is telling me to switch to Chrome. I checked that u2f (and WebAuthn) is enabled in the browser’s about:config. Once I switched the user-agent to Chrome, I was able to successfully register my hardware token. Can you unblock Firefox (at least the latest versions) from being able to register/use tokens?

1 Like

Couldn’t connect using Firefox either!

I also checked security.webauth.u2f is at true.

I’m also still encountering this issue in Firefox 67.0 on Ubuntu 18.04.

As others have reported, this is not actually resolved. Firefox 67 just released as stable, which has u2f enabled as a default. I’m still seeing the message even after successfully using u2f on other sites:

More info:

  • Firefox 67.0 (64-bit) fedora - 1.0

  • Fedora 29 x64

Tried to register a U2F key today. Same problem as others.

Using Firefox 67 on Winfows 10.

Thanks for reaching out, and apologies for the delayed response here, we wanted to make sure there was not any updates on this topic.

Can I ask if the security.webauth.u2f flag has been enabled in Firefox? You can find it by entering about:config into the browser’s address bar. From there, you can search for security.webauth.u2f and make sure it’s set to true. Once that has been set, you should be able to add a new security key.

If you have any issues with that however, it may be worth setting up in Google Chrome first to configure a new key, then you would be able to sign-in with Firefox.

Sorry, I didn’t have a more definitive answer to provide here but we’re limited in our ability to troubleshoot issues on your browser, especially while official support is still not something we’re quite able to offer at this time. 

1 Like

Hey Andrea,

thanks for that workaround. Do you have an ETA for re-adding Yubikey support for Firefox?

I have added the key with Chromium (Ubuntu) and there, only the Yubikey is being requested.

With Firefox, by default an SMS is sent even though I login with Yubikey.

It is annoying to get spammed with SMS I do not need.

This still is an issue. Can we get an ETA for resolution?

Can confirm that logging in works with Firefox, but I first have to setup the key in Chrome.

I can confirm as well that it doesn’t work with Firefox 67.0.4 on Ubuntu 19.04 as well as on Arch Linux.

1 Like

Also not working on Firefox 67 on Fedora 30… Cannot register my security key :frowning:

1 Like

I too am seeing this on the latest Firefox, 67.0.4 (64-bit) and Win 10.  As of 67 Firefox’s U2F support is even enabled by default.  But I did double check in about:config and yes it is enabled. Based on other responses here it seems github explicitly requires Chrome for U2F by checking the useragent.  This is entirely unwarranted and I don’t understand how github hasn’t changed this.  I suspect if I install a plugin to spoof my useragent to appear as chrome it would probably work but there is no reason I should have to do so.

2 Likes

I don’t know if this is the place, but it’s also not working in edge

I just logged in, I’m on latest Firefox and this still asking to use Chrome


$ firefox -v  
Mozilla Firefox 68.0.1  
$ lsb\_release -a  
No LSB modules are available.  
Distributor ID:    Ubuntu  
Description:    Ubuntu 18.04.2 LTS  
Release:    18.04  
Codename:    bionic  

Though, on this Firefox, I able configured my key with Google to login to Gmail already.

As of today I’m still not able to add a key on Ubuntu 19.04 and Firefox 68 (where it enabled by default)…

For Firefoxyou can try this workarround:

https://jackgruber.github.io/2019-06-07-Security-hardware-key-on-Github-with-Firefox/

Also works on other websites.

1 Like

It’s a shame that GitHub developers took the lazy way and just checked the browser instead of the API. I’m perplexed by the fact that something this simple still hasn’t been fixed and that a workaround is needed.

3 Likes

This ends up being a pretty good workaround, as you only need to spoof the Chrome useragent to enroll the security key; I was able to turn off the useragent override after setting up my key and authenticate with Firefox/default useragent. Looks like the Chrome check is only being done on the security page. Still for shame, Github. Get it together.