U2F Support for additional Bitwarden clients

Hello,

I did some search on this topic but unfortunately no further information on the status of U2F integration for Bitwarden Desktop.

I am happy to help.

@ariandyy hi and welcome!

Just to clarify, is this about adding two-step vault access to the desktop vault?

Hi @tgreer, thanks!

Generally yes, but specifically two-step with U2F Tokens such as Yubikey.

We support Yubikey on login currently, just not on “unlock”.

With our new auto-logout feature (coming shortly), you can set the vault to require authentication (fully) when the vault times out, so you’ll be asked to use your Yubikey to unlock each time.

2 Likes

Are you sure about that? Bitwarden Desktop v1.17.2 (current) throws an error if I try to login to my account (U2F configured).

What error are you encountering?

oh sorry, wrong wording, not an exactly an error, but this:

This account has two-step login enabled, however, none of the configured two-step providers are supported by this device.
Please add additional providers that are better supported across devices (such as an authenticator app).

Nah - this was my fault - I didn’t pay attention to the desktop app portion of your description.

We support Yubikey on lots of stuff, but U2F on a select number of clients (web vault and browser extensions on certain browsers) - more info here:

https://bitwarden.com/help/article/setup-two-step-login-u2f/

Thanks for the link.

Is U2F support for Bitwarden Desktop (non-browser) planned?

If you have a Yubikey, try adding a Yubikey 2FA entry with your same security key. That’s what I’m doing for now.

Debilitating this requires a feature request and vote. It is a core security feature.

1 Like

@commandline-be welcome!

This was unfortunately a limitation for some of the frameworks we use until recently. We have FIDO U2F on the 2020 roadmap now.

1 Like

Best reason thus far. Really beyond me how this can become an issue for an open source project.

If the feature appears i consider signing up again.

These people have this working on any platform since years https://play.google.com/store/apps/details?id=de.cotech.hw.fido.browser

I was surprised this morning to find I could not use a Yubi security key (FIDO U2F) to log in to Bitwarden on Safari browser on a Mac. I use a Macbook as my laptop so tend to have security fairly restrictive and log bitwarden out after a while. Having to use TOTP to log in each time is a bit of a pain when my linux desktop which has less security does it with the Yubikey.

Could you please add FIDO U2F support on Safari on a Mac.

@xyzzy - thanks for your post! I moved it into this thread. We can cover U2F on desktop and other platforms here.

We do have it on the roadmap for later this year.

2 Likes

Great to hear,that U2F on desktop is now on you roadmap :+1: U2F support was the main reason for me to buy Bitwarden premium. Unfortunately Bitwarden desktop doesn’t U2F yet :confounded:

2 Likes

I am having the same problem as well. M1 Macbook Air. I installed the application, entered my master password, and then it says it cannot proceed with 2FA because my device is not supported.

No issues with any other logins. Logging into Gmail and Namecheap with Safari prompt me to touch my key as expected.

Is U2F for Android Coming??

It’s on the roadmap for ~ Q1 this year :slight_smile:

Is that Q1 of the Calendar Year or Q1 of a Financial Year :grinning:?

1 Like