This would be great. I just switched our whole company to Bitwarden kind of assuming that this works. Now everyone needs to use an extra OTP-generator even though they already have a FIDO2 key for everything else.
This should be trivial to implement with Yubikey NFC already working.
I don’t understand. Do you mean I can use U2F keys with the iOS Bitwarden app? As I stated, my problem is that all our employees have FIDO2 keys but now need to use an extra OTP app to have a second factor with Bitwarden, which is a shame.
You can use security keys with the iOS Bitwarden app, if they support some form of OTP, such as the Yubikey 5 NFC for example. However, it would be great to extend Bitwarden’s support towards FIDO U2F.
To make this more clear for other users:
No.Currently you cannot use FIDO/U2F on iOS, not in the app, nor to acces the webvault using Safari. WebAuth support from Apple is available and Google implemented this very recently (june 3).
And yes you can use a Yubico key using Yubico OTP but then you have to use one of the only two available OTP slots. If you don’t want that, you can always fall-back to regular TOTP, using Yubico authenticator (which works on iOS over NFC), or any other TOTP app.
I second the request to support FIDO/U2F on iOS. See also here.
Implementing U2F on iOS makes the Yubikey OTP flow kind of obsolete. After all every Yubico OTP key also has U2F (if i’m not mistaken). And of course the many other U2F keys get to function as well.
Does this mean that a YubiKey 4 (not 5) could soon be used with Bitwarden on iOS? I tried connecting it to an iPhone via a Lightning<->USB adapter and FIDO U2F authentication was working fine in Safari.
However, the Bitwarden app only supports Yubico OTP. Thus, I registered the Yubico OTP interface via the Bitwarden browser app. The Bitwarden iOS app now shows below screen, but pressing the YubiKey does nothing. I’m not sure if Yubico OTP is even supported via Lightning adapters.
Could you please try the following steps @B0UNC3R: cancel the NFC prompt, tap on the grey line to make focus and tap on the YubiKey to insert the code:
Thank you, that did the trick. Is this UI intentionally hidden from users? Not sure if I would have identified this as an input field without your help.
The issue it’s with iOS loosing focus after tapping the cancel button, on Android if you press cancel you just need to press the Yubikey button and the code gets filled. Gonna report the issue to the devs and see if anything can be done to recover focus.
Thank you, sir. Also, the UI currently suggests that an NFC key is the only way to get in. The UI should make clear that inserting the key is another option.
Since it’s Q2 now, what is the status on this feature please?
I checked the links @tgreer provided but couldn’t find anything related so I signed up for a family trial account to try it out myself but it doesn’t work yet and deleted my account.
Looking to move over as soon as this is officially supported, this is a hard requirement for me.
(I refuse to use Yubico’s OTP feature over NFC, this does work though)
We actually had to implement some updates from the mobile frameworks (Xamarin) and that took quite a bit of QA/Testing cycles last quarter. We have it as a high-priority item for starting this quarter, but an updated engineering evaluation puts it as a higher effort/time item, so it potentially could be the end of Q2 or some time in Q3 when this is released, based on our current workload/testing estimates.