Troubleshooting technical issues is much easier when both the user and support agent practice clear communication. For this reason, we have provided the template below for you to fill out with information about your issue. Please provide as much detail as possible so we can most efficiently resolve your problem.
Delete the any text above the line separator below before posting
Description of the issue: How can this issue be reproduced?
Install Bitwarden extension from the chrome store.
Log into the Bitwarden extension.
Expected result:
Log in and password then FIDO U2F authentication should ask for hardware key press.
Brave Version( check About Brave):
1.24.84
Additional Information:
I tried going directly to vault.bitwarden.com and changing the Fingerprinting and Scripts shields to be allowed as I think that is where the app is trying to communicate(I am not positive of this), but that did not work. FIDO U2F does work when using it to log into the website with the shields disabled for the website. It also works on the extension when I disable Fingerprinting and Scripts globally in the settings.
I use a Yubikey as well. It looks like you have yours set up for OTP access which I may wind up doing. I was set up to use FIDO U2F. I just noticed when I went back in and looked that Bitwarden changed FIDO U2F over to FIDO2. I reset my token in Bitwarden thinking it may be a problem with the switch between authorization types, but that didn’t work either. It really just seems like the script and fingerprint blocking is interfering with the extension.
I’m using Bitwarden premium (not sure if that matters). though script blocking in shields may cause issues. Keeping shields default for script/fingerprinting will cause the lest issues.
Even using or registering the ubikey 2FA on Facebook or Google, no issues with fingerprinting there.
I’m using premium as well on Bitwarden. I also do keep the shields on default/reccomended. I think with the OTP method which I believe is what you are using it works much like an authenticator app in that the one time password is generated both in the authenticator app and in the extension itself so the extension doesn’t need to communicate to receive or verify the password. With FIDO2 I’m guessing that the hardware key, the extension, and windows all need to talk to authenticate the log in and something in the script and fingerprint blocking is stopping that. I will probably just switch to the OTP method with it for now because I don’t have enough understanding of how everything communicates to be able to find the issue.
