Android mobile YubiKey 5 NFC - WebAuth

When I try to login to my Bitwarden vault using my YubiKey 5 via NFC I get the following error:
An error has occured. Make sure your default browser supports WebAuthn and try again. NotReadableError: An unknown error occurred while talking to the credential manager.

My YubiKey works just fine when I use the Yubikey authentication method but not when I try to use the WebAuthn. I am sure that it is something wrong but I don’t know what. Could it be that I can have both the Yubikey authentical and the WebAuthn method both available for the same YubiKey device? PS - I am fine with continuing to use the Yubikey authentication method, but I read recently that WebAuthn was a bit more secure.

Does anyone have any ideas?

What is the “default browser” on this device? WebAuthn is supported on Android with a FIDO2-supported browser.

does it work via usb-c connection

First, thank you to both grb and Bob for your follow-up questions.

The default browser on my android phone is Chrome.
It does not work via the usb-c connection.

It does work just fine when I use the Yubikey authentication, just not the WebAuth.

What is the version number of Chrome, and what is the version number of your Bitwraden app? Also, if you log in to Bitwarden from a computer (e.g., using the web vault or desktop app), does the WebAuthn 2FA work?

Chrome 110.0.5481.1153
Bitwarden version 2023.2.0
On my computer (both the vault and desktop app) WebAuthn works just fine.

Try the trouble-shooting steps here:

Also, your issue seems related to the problems reported in this open issue on Github:

grb - Thank you for the two links. I had already found and read the first one. However, I did not see the 2nd one (FIDO2 in Android app not working). Thankfully, you found a post on github directly. I appreciate that.

My issues are exactly as described in the 2nd post - the most recent one being quite recent. So, apparently this is still an issue. Hopefully it will get resolved in some form or fashion at some point.

In the meantime, the NFC authentication method via YubiKey (not the Webauthn) is working.

Did you try the proposed work-around of using the YubiKey Manager app to disable the NFC-OTP protocol?

I use Brave, which is a Chromium-based browser just like Chrome. And WebAuthn works fine with my Yubikey w/NFC.

1 Like

Yes. I did try that to no avail. Thank you for continuing to make suggestions. I rarely use my phone for BitWarden anyway. So, at this point, I will continue to YubiKey authentication for my phone. It is a pretty good form of 2FA; and from what I have seen in some other posts in BitWarden, I believe that it ever so slightly less secure that WebAuthn.

1 Like

Thank you BW. I have seen some other mentions that Brave does seem to work, so I might change my default browser to Brave and try it.

Just a quick comment and nothing to do with your original post.

I quite like Brave. I use it on Windows and Android. It’s nice and quick and frustrates browser fingerprinting on web sites.

I did use Firefox with the noscript plugin, but that really did break a lot of sites which made it almost unusable. Brave doesn’t disable JavaScript, it just lies to it with random information, so it still works, but the nosey old web site just gets crap, which suits me very well.

Just my two pennorth…

Cheers

Steve

1 Like

Wow I bought two yubikey 5 NFC for main reason to use with bitwarden, and half of times wish to use it with my phone. NONE of options work for me, I just tried disable FIDO2 WebAuthn because I’ve this issue too. And only have enabled Yubikey OTP on, BUT it tells me to insert BIO, I don’t even use the BIO, and I have the USB A version because all my computers still use USB A, so I cannot plug it into the phone, I meant to use NFC with it.
I’m amazed this issue exist, perhaps should’ve searched before I bought it