You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I checked in Yubico Sample and when we want to register FIDO2 YubiKey (NFC), if before YubiKey have PIN, we must pass PIN when we try register new Yubikey. BUT when we authenticate (user its registred) we not must provide PIN for YubiKey, Yubico library success response AssertOnKeyAuthenticationResponse and we can authenticate. So Question is - why? I checkend webauthn on browser and we must ALWAYS provide PIN to YubiKey when authentication is present.
I checked in Yubico Sample and when we want to register FIDO2 YubiKey (NFC), if before YubiKey have PIN, we must pass PIN when we try register new Yubikey. BUT when we authenticate (user its registred) we not must provide PIN for YubiKey, Yubico library success response AssertOnKeyAuthenticationResponse and we can authenticate. So Question is - why? I checkend webauthn on browser and we must ALWAYS provide PIN to YubiKey when authentication is present.
Read that article https://support.yubico.com/hc/en-us/articles/4402836718866-Understanding-YubiKey-PINs but it not help.
The text was updated successfully, but these errors were encountered: