U2F support over NFC

app:mobile

#1

Hello,

please support U2F via NFC. GitHub for example works this way.


#2

I voted because I think this important, but my understanding is that there are no available C# libraries to enable this behavior. U2F is supported on Android via NFC by way of Chrome and Google Authenticator APIs, but I am not aware of any apps that implement U2F support.

As a work-around, my plan is to enable U2F and Yubikey OTP on Bitwarden using my NEO for both. Based on the priorities listed here: https://help.bitwarden.com/article/setup-two-step-login/

You can enable multiple two-step login methods. If you have multiple two-step login methods enabled, the order of preference for the default method that is displayed while logging in is as follows: FIDO U2F → YubiKey → Duo → Authenticator app → Email. You can manually switch to and use any method during login, however.

This means that I should be able to use U2F on any PCs with a USB port and fallback to Yubikey OTP on mobile.

I am also considering only enabling U2F on Bitwarden. This means that there will theoretically be no way to log into Bitwarden on a new phone. However, if you rarely switch phones, then you can use a back-up code to disable 2FA (or temporarily disable U2F on a PC), log in, and then re-enable U2F after logging in. Combined with the fingerprint lock on mobile, I think this is a reasonable configuration, but may not be suitable for people who switch phones regularly.

I am a new Yubikey user, so I am not sure of the security differences between OTP and U2F. My understanding is that the improved security of U2F is most beneficial on PCs; the attack vector for OTP on mobile via NFC should be fairly small.

I’m not positive, but it looks like this may be available to be implemented: https://developers.google.com/identity/fido/android/native-apps


#3

I second U2F over NFC. I have a Titan key from Google that supports NFC that I am dying to use with my iPhone. I am picking through the code, and it looks like all the ingredients are there to make it happen, it just needs to be wired up.


Google Titan Key support in Android App?
#4

I’m also looking for NFC support via Titan (Feitian) NFC key.


#5

Same here… Need TITAN support over NFC or Bluetooth


#6

Hoping for yubikey FIDO2 over NFC.


#7

Please don’t skip FIDO over NFC. Both FIDO and FIDO2 over NFC in the Android App are important.


#8

I’m also waiting for FIDO over NFC / Bluetooth.


#9

Just bought two new yubico security keys with NFC, so I would also very much like to see NFC support for FIDO(2) U2F! :grinning:


#10

I am a premium subscriber of Bitwarden and i voted on this issue because it is important to me. I have recently purchased two Yubikey Security Keys (the blue ones) for evaluation and implementation into my daily security hygine, with two Yubikey 5 NFCs on the way. I feel the reason many give up or overlook hardware tokens as a security option is due to lack of support in their favorite applications. Experienced users can setup the other slots of the YubiKey – but those new will be slow to adapt if it’s not a set and forget motion. U2F for NFC is a must!


#11

Any updates on this?


#12

Please, please, please support this.

I purchased a premium in hopes of using my Titan key and while it works on desktop, without having mobile support it is kind of unusable.

I do not regret my premium support because this is fantastic software, and super cheap. But it would be very appreciated if this could be added.


#13

Consider this another vote for this. In fact I would upgrade my “want” to a full blown PLEA for this needed feature!


#14

Yes, this feature is extremely important to me. Please implement it, thank you!


#15

There’s no actual need for a C# library to be available for Bitwarden on mobile to use U2F/NFC, provided a Java (for Android) or C or Objective-C (iOS) library exists for it instead. That’s the wonder of Xamarin.Forms.


#16

Xamarin doesn’t provide access to the high-level FIDO2-API of Android, but access to the low-level NFC-API is available.
I’m not that familiar with C# and even less with Xamarin, but as this apparently isn’t on the roadmap for 8bit / the core Bitwarden Team and noone else has stepped forward I might give it a try.