Support more than 5 U2F keys

omniproc · May 31, 2020, 2:23pm

Currently up to 5 FIDO U2F keys may be added. It would be awesome to allow some more. I don’t want to go into details but I myself have 8 keys and when rotating them (replacing with new) it may temporarily be up to 10 keys. It would be great if you could add support for some more keys.

Ben86 · February 27, 2021, 11:38pm

Bump for reply?

tgreer · February 28, 2021, 4:15pm

Edited the topic to reflect the ‘count’ instead of seeming like we needed to support more ‘types’ of keys

hova · March 8, 2021, 3:57am

Is it possible to increase Yubikey U2F and/or OTP slots beyond 5?

Anecdotally, I think other Yubikey-protected services (Google, Facebook, GitHub) do not have a slot limit. (They also seem to bundle U2F and OTP together, but that’s a discussion for another day).

I’ve seen Increase YubiKey slots from 3 to 5 · Issue #135 · bitwarden/server · GitHub but it leads to a dead forum link. What was the rationale for limiting to 5 slots?

a.giacomin · July 15, 2022, 1:06pm

Hi,
Would it be possible to allow a user to register more than 5 FIDO2 keys for the account?

FIDO2 Authenticator can be cross platform (eg Yubikey) and platform (eg TPM, ecc) with multiple devices and a few security keys you can easily max out the available slots.

wendor · January 15, 2023, 3:03pm

As a user with 2 YubiKeys, 5 standalone WebAuthn-supporting keys, and 3 WebAuthn-supporting devices, I require more than 5 WebAuthn key slots.

10 slots sounds fair.

wnelson03 · January 19, 2023, 4:39am

Still very much needed. I agree with the others, 10 sounds like a good number. If a limit at all, I don’t see the need for one. Storage doesn’t seem to be a problem if users can add unlimited vault items.

I personally have a couple of WebAuthn keys at my residence. Then, I have more scattered across different family members’ residences.

A limit increase becomes even more necessary for those without NFC on their phones. My immediate family all have Motorola phones released after 2020 that don’t support NFC. So, my family has to have a couple USB C WebAuthn keys, and a couple USB A WebAuthn keys. You can see how the requirement for more than five keys is quickly surpassed in scenarios like these.

AlCar · February 11, 2023, 4:49pm

Adding my support for this. The 5 key limitation is limiting and seems like it wouldn’t take all that much to expand it.

go12 · February 11, 2023, 8:06pm

thank you @wendor @wnelson03 @AlCar! we appreciate you sharing this feedback. as security keys become more popular it may make sense to look at this further

a.giacomin · September 15, 2023, 7:42pm

Allowing the user to register 10 FIDO2 credentials (passkeys or device-bound credentials) seems to be the standard.