U2F support over NFC

unomagan · April 6, 2018, 7:21am

Hello,

please support U2F via NFC. GitHub for example works this way.

nkmhockey · August 1, 2018, 9:19pm

I voted because I think this important, but my understanding is that there are no available C# libraries to enable this behavior. U2F is supported on Android via NFC by way of Chrome and Google Authenticator APIs, but I am not aware of any apps that implement U2F support.

As a work-around, my plan is to enable U2F and Yubikey OTP on Bitwarden using my NEO for both. Based on the priorities listed here: Two-step Login Methods | Bitwarden Help Center

You can enable multiple two-step login methods. If you have multiple two-step login methods enabled, the order of preference for the default method that is displayed while logging in is as follows: FIDO U2F → YubiKey → Duo → Authenticator app → Email. You can manually switch to and use any method during login, however.

This means that I should be able to use U2F on any PCs with a USB port and fallback to Yubikey OTP on mobile.

I am also considering only enabling U2F on Bitwarden. This means that there will theoretically be no way to log into Bitwarden on a new phone. However, if you rarely switch phones, then you can use a back-up code to disable 2FA (or temporarily disable U2F on a PC), log in, and then re-enable U2F after logging in. Combined with the fingerprint lock on mobile, I think this is a reasonable configuration, but may not be suitable for people who switch phones regularly.

I am a new Yubikey user, so I am not sure of the security differences between OTP and U2F. My understanding is that the improved security of U2F is most beneficial on PCs; the attack vector for OTP on mobile via NFC should be fairly small.

I’m not positive, but it looks like this may be available to be implemented: FIDO2 API for Android | Authentication | Google for Developers

Brian_Humlicek · November 11, 2018, 3:30pm

I second U2F over NFC. I have a Titan key from Google that supports NFC that I am dying to use with my iPhone. I am picking through the code, and it looks like all the ingredients are there to make it happen, it just needs to be wired up.

a_l · November 14, 2018, 4:10am

I’m also looking for NFC support via Titan (Feitian) NFC key.

roaringlambs · December 26, 2018, 9:49pm

Same here… Need TITAN support over NFC or Bluetooth

Pavel_Honner · January 12, 2019, 2:02pm

Hoping for yubikey FIDO2 over NFC.

jabib · February 28, 2019, 1:08pm

Please don’t skip FIDO over NFC. Both FIDO and FIDO2 over NFC in the Android App are important.

prickly_porcupine · March 3, 2019, 7:48pm

I’m also waiting for FIDO over NFC / Bluetooth.

Gerhard · March 5, 2019, 7:04pm

Just bought two new yubico security keys with NFC, so I would also very much like to see NFC support for FIDO(2) U2F!

Naia · March 14, 2019, 5:00am

I am a premium subscriber of Bitwarden and i voted on this issue because it is important to me. I have recently purchased two Yubikey Security Keys (the blue ones) for evaluation and implementation into my daily security hygine, with two Yubikey 5 NFCs on the way. I feel the reason many give up or overlook hardware tokens as a security option is due to lack of support in their favorite applications. Experienced users can setup the other slots of the YubiKey – but those new will be slow to adapt if it’s not a set and forget motion. U2F for NFC is a must!

roaringlambs · March 20, 2019, 3:22pm

Any updates on this?

MrMista · April 23, 2019, 3:11pm

Please, please, please support this.

I purchased a premium in hopes of using my Titan key and while it works on desktop, without having mobile support it is kind of unusable.

I do not regret my premium support because this is fantastic software, and super cheap. But it would be very appreciated if this could be added.

OpSec · April 25, 2019, 8:03pm

Consider this another vote for this. In fact I would upgrade my “want” to a full blown PLEA for this needed feature!

stepa · May 8, 2019, 5:06pm

Yes, this feature is extremely important to me. Please implement it, thank you!

Formedras · May 11, 2019, 10:33am

There’s no actual need for a C# library to be available for Bitwarden on mobile to use U2F/NFC, provided a Java (for Android) or C or Objective-C (iOS) library exists for it instead. That’s the wonder of Xamarin.Forms.

Mastacheata · May 11, 2019, 11:05am

Xamarin doesn’t provide access to the high-level FIDO2-API of Android, but access to the low-level NFC-API is available.
I’m not that familiar with C# and even less with Xamarin, but as this apparently isn’t on the roadmap for 8bit / the core Bitwarden Team and noone else has stepped forward I might give it a try.

obscurmoirage · May 30, 2019, 5:29pm

So that’s why nfc seems not supported on my oneplus 5t ?

Just bought a premium account to activate my yubi4…

sights.

izzy84075 · June 8, 2019, 12:31am

https://www.nuget.org/packages/Xamarin.GooglePlayServices.Fido/ Preview versions of Xamarin bindings for Android’s FIDO API are available, so this shouldn’t be too long in the works, hopefully.

Ghost_Recon131 · June 8, 2019, 5:26am

yubikey 4 never supported nfc in the first place, unless you have the Yubikey Neo, yubikey 5 or FIDO 2 security key with NFC.

OpSec · June 16, 2019, 12:33am

FIDO 2 Security Key with NFC does NOT work on Android, so be advised! I have two of them and they are useless for BW on my Androids - at this time.