Pico Fido not working on Windows 10 after update from 5.8 to 5.10 #49
Comments
|
Can you try with Chrome? Firefox has buggy behaviour. I’ll try to debug with win10 to see what’s happening. |
|
Sure, I'll try it tonight. |
|
I tried to conduct some more thorough tests, and the behavior is quite strange. Sometimes the browser asks to insert the key as if it were not recognized at all, sometimes the browser loops on the PIN code request and the registration does not succeed, and sometimes it works. It's as if a value is at the limit and the functioning depends on the tolerance of the environment. In any case, reverting to version 5.8 and everything works perfectly, so I don't think it's a hardware problem with my Pico board. |
|
I cannot reproduce it. I tested in Windows 10 with Chrome, Firefox and Edge against webauthn.io and worked 3/3. Did you try it with webauthn.io or you use a specific page? Edit: also tested with Yubikey Manager and Fido 2.1 Manager. Did you patch VID/PID with Yubikey values? Mines are 1050:0407 |
In addition to linux -which works well- I tested most combinations of
I've also done some new tests
Same behavior
My usual setup is patched as a Yubikey 4/5, I tested with and without.
I noticed that when the key was ‘not recognised’, there was no need to try several times, just wait between 30 seconds and 1 minute and the ‘Insert your security key’ message disappears and the key is recognised, which is why I found the behavior erratic Finally, a more accurate description of what I observe is : |
|
Same issue. The led doesn't even blink on 5.10 while it does on 5.8. This is regardless of the operating system apparently, since I've tried on both macOS and Fedora. |
|
I tried on another Pico. 5.10 makes the led blink, but it does not function at all. |
|
I spotted several critical problems mixing CCID and HID interfaces. I am preparing a new release, which also adds a support for ESP32. |
|
Happy to hear that! |
|
I cannot reproduce this issue with Waveshare Zero. I think I will be using that for now. |
I just tried with the HEAD of the |
|
v5.12 should fix all these problems. |
Version 5.12 seems to be working well on Windows for authentication. |
|
What do you mean? You can use Pico Fido with your browser without any external tool. |
|
Yes, absolutely, and that usage works well. Yubico Manager and Yubico Authenticator allow you to configure the key, for example the action of the button when the key is not expecting user presence. |
|
It should work with both, but before you must patch VIDPID with a know Yubico VIDPID in order to those apps recognize your key as a Yubico one. |
|
Yes, that's what I do in both cases, using Pico Patcher and selecting Yubikey 4/5 OTP+FIDO+CCID. |
|
What |
|
v5.12 v5.8 |
|
Not much differences, maxCurrentPower, dwProtocol, bcdVersion and size of HID report descriptor. Is this behavior still happening if you flash v5.8 now? |
|
The behavior seems consistent across version regardless of installation method. Works like real Yubikey, without administrator privileges, except for managing passkeys :
Requires administrator privileges
|
|
I tried v5.8 and it requires to be ran with Admin privileges, like in v5.12. I do not see any difference in that sense. Perhaps, your OS has whitelisted your previous device. |
|
I'm having some kind of similar issues with 5.12, Win10 and Firefox. Pressing reset or removing the key while attempting to generate (register) a key prompt for the device to be re-inserted, but nothing happen after reinsertion. Else the dialog just says please insert your device. The same device works on MacOS. |
|
I made some adjustments for Windows in 2011cfd3 but the overall behavior seems buggy. Whilst it works smoothly with Edge, in Chrome is not even recognized. I'm not sure if it's a problem of permissions or what. |
|
Let me know if you need some logs or such, I can try to gather some data there. Should I rather open a separate ticket ? |
|
First try it with Edge to see whether is a browser specific problem or not. |
|
will try tomorrow first thing in the morning and let you know 👍 |
|
So edge is not working either, and only proposing me a QR-code to scan on my phone. as if it would not see the device at all. Okay, seems like edge is not working at all with hardware keys as my yubikey is not recognized there either. So I just checked again on firefox, and it's working there, the pico, unfortunately not. |
What happens if you leave the pico plugged in for 1 minute before registering (instead of inserting it at the time of the request)? |
You have to select "use external security key" or similar, the first option. If you get the QR probably you are selecting the second option of "using security key" (not the external security key). |
|
Thank you that is correct, I had tried the wrong option in the popup. I managed to get some progress there. it seems firefox is working some times as well, you just have to wait long enough. (I was copying the prompt to insert a key, when it suddently chenged into "Enter PIN"). I just timed it, it seems like it's about 45-50sek. you have to wait between device insertion and prompt for your pin. |
|
I made a nightly automatic snapshot to build the firmwares in the development branch. https://github.com/polhenarejos/pico-fido/releases/tag/nightly-development Can you try if it is fixed with latest development firmware? |
|
It worked!, thanks. |
Developer tell me! v5.8 does not work under windows Acccount (smartcard) mode only under android and linux under Yubico Authenticato under what is the reason? |
|
This is a bug of Yubico Authenticator which its regex only accepts minor versions up to 9. This will be fixed with next version 6.0 This only affects to Smartcard and not ctap/fido. |
|
v5.8 linux account is working! :) windows account he doesn't work? :(
v5.12 fault linux and windows os to account ! |
|
Yo tengo el mimo problema aún ya instale la versión 6.0 |
Hi,
First of all, thank you very much for this project, it is very useful !
After updating my key from version 5.8 to version 5.10, I can no longer use it with Windows 10.
It appears in the device manager as before, 4 USB devices with the expected VID:PID (1 Composite, 2 HID & 1 Smart Card), but the browser (tried with Firefox and Edge) or applications like Yubikey Manager and FIDO2.1 Manager no longer detect it.
I use the base variant
pico_fido_pico-5.10.uf2I've tried the update using the original binary and the patched binary (Yubikey 4/5), restoring RP2040 flash between the 2 tests, I get the same behavior in both cases.
Everything seems to work correctly in 5.10 with Ubuntu 24.04 and all my settings are preserved (PIN, 2FA, resident keys...).
I didn't lose anything. I had done a memory dump before updating, so I simply restored my key to version 5.8.
If I can provide any other useful information, please don't hesitate to ask :)
The text was updated successfully, but these errors were encountered: