two-factor hardware keys no longer working in firefox

Hi, does anyone know did something change with u2f at Github?  As of today, Firefox 60.5.2esr is being blocked from using Yubikeys to login.

Resolved by github today.

3 Likes

Seeing this image right now.

Background info from Firefox Troubleshooting Information:

Version 65.0.2
Build ID 2019022821563

OS Linux 5.0.2-arch1-1-ARCH

2 Likes

This is not resolved.

Right now if I get a login prompt from GitHub while I’m using Firefox, it asks me to enter my password. If I change my user agent to Chrome, still using Firefox, it properly adds that I can press a button on my security key to log in.

So U2F is still being blocked in Firefox based purely on user agent.

3 Likes

Looks like everything except for Chrome is blocked. I wonder what could be the reason for this.

Sorry for the trouble you’ve all had here. We’ve recently pushed some changes that should have re-enabled the work-around you were using previously. So please do try signing in again as you had done prior to these last few days.

If you continue to encounter issues though, please do let us know!

1 Like

I still can’t register my Yubikey through Firefox, there is this message on the security page : "This browser doesn’t support the FIDO U2F standard yet. We recommend updating to the latest Google Chrome to start using security key devices. ".

I succesfully registered and use my Yubikey as U2F through this browser on other providers (AWS, …).

9 Likes

I cannot register any keys with Firefox 66.0.3. u2f is enabled in about:config and it definitely works on other sites. Github seems to only support Chrome for registering keys for some reason.

1 Like

@andreagriffiths11 wrote:

Sorry for the trouble you’ve all had here. We’ve recently pushed some changes that should have re-enabled the work-around you were using previously. So please do try signing in again as you had done prior to these last few days.

 

If you continue to encounter issues though, please do let us know!

I am still seeing an issue:

macOS 10.13.6

Firefox 66.0.3 (64-bit)

security.webauth.u2f === true

This browser doesn’t support the FIDO U2F standard yet. We recommend updating to the latest Google Chrome to start using security key devices.

4 Likes

Still not working, Firefox 66.0.5 64-bit Win10, see screenshot, the notice is displayed when on Security page. 

I’m on Firefox 67 and also seeing that GitHub is telling me to switch to Chrome. I checked that u2f (and WebAuthn) is enabled in the browser’s about:config. Once I switched the user-agent to Chrome, I was able to successfully register my hardware token. Can you unblock Firefox (at least the latest versions) from being able to register/use tokens?

1 Like

Couldn’t connect using Firefox either!

I also checked security.webauth.u2f is at true.

I’m also still encountering this issue in Firefox 67.0 on Ubuntu 18.04.

As others have reported, this is not actually resolved. Firefox 67 just released as stable, which has u2f enabled as a default. I’m still seeing the message even after successfully using u2f on other sites:

More info:

  • Firefox 67.0 (64-bit) fedora - 1.0

  • Fedora 29 x64

Tried to register a U2F key today. Same problem as others.

Using Firefox 67 on Winfows 10.

Thanks for reaching out, and apologies for the delayed response here, we wanted to make sure there was not any updates on this topic.

Can I ask if the security.webauth.u2f flag has been enabled in Firefox? You can find it by entering about:config into the browser’s address bar. From there, you can search for security.webauth.u2f and make sure it’s set to true. Once that has been set, you should be able to add a new security key.

If you have any issues with that however, it may be worth setting up in Google Chrome first to configure a new key, then you would be able to sign-in with Firefox.

Sorry, I didn’t have a more definitive answer to provide here but we’re limited in our ability to troubleshoot issues on your browser, especially while official support is still not something we’re quite able to offer at this time. 

1 Like

Hey Andrea,

thanks for that workaround. Do you have an ETA for re-adding Yubikey support for Firefox?

I have added the key with Chromium (Ubuntu) and there, only the Yubikey is being requested.

With Firefox, by default an SMS is sent even though I login with Yubikey.

It is annoying to get spammed with SMS I do not need.

This still is an issue. Can we get an ETA for resolution?

Can confirm that logging in works with Firefox, but I first have to setup the key in Chrome.

I can confirm as well that it doesn’t work with Firefox 67.0.4 on Ubuntu 19.04 as well as on Arch Linux.

1 Like