U2F support over NFC

AzPunkster · July 24, 2020, 3:58am

Adding my vote for U2F support over NFC, but it looks like it will not happen

Mastacheata · July 24, 2020, 8:26am

If you find any open source apps that have this feature (not limited to password safe apps), please post a link.
I’m not sure if it’s gonna help because Bitwarden isn’t written in Java/Kotlin like 99% of the Android Apps, but I would at least love to have a look at how it should be implemented. The Android documentation is severely lacking on implementation details.

tgreer · July 24, 2020, 12:27pm

More U2F support is on our roadmap for this year, so hopefully we’ll be able to include NFC. More to come when we start work on that project!

Mastacheata · July 24, 2020, 12:40pm

Have you found a way to implement it in Xamarin? There’s an open PR where I tried to implement it but ran into a wall that apparently noone else has ever seen (and there’s actually very little if not zero current information on how to handle U2F in Android apart from a “these are the APIs you will need” half-page entry in the Android documentation.

tgreer · July 24, 2020, 12:53pm

We have NFC working for OTP, but haven’t investigated it for U2F yet, but we do have some helpful folks that may be able to assist in the investigation

Mastacheata · July 24, 2020, 1:04pm

Yeah, the NFC part isn’t really the problem.
The Android U2F API is interface-agnostic (it doesn’t care whether you provide a USB-C, USB-C-to-USB-A, NFC or device-built-in U2F/FIDO2 token => The OS takes care of that)
The problem is the U2F-API itself which already fails at the step of generating a proper U2F/FIDO2 request in my case, without any helpful error message.

I didn’t try to reimplement the U2F protocol myself using the bare-metal NFC interface, as there is already an API in Android that is used by the system itself and by the browsers.

maltejur · August 9, 2020, 11:01am

I dont know how useful this is but maybe have a look at this. It is used by nextcloud and doesn’t use gms but only the java version is open source and the one for xamarin is paid.

rdslw · November 11, 2020, 2:57pm

I’d be very happy to have it implemented.
In fact this is the only showstopper before buying & implementing bitwarden company wide (CC: @tgreer)

TumbleTimble · December 3, 2020, 1:08pm

The roadmap has ‘FIDO U2F Support for additional clients’ in development, I wonder if that includes U2F over NFC?

Bought a Yubikey Security Key with NFC for Bitwarden recently only to find out it’s not supported

Robin_Owens · February 18, 2021, 10:24pm

This is the killer feature that I am waiting for before Lastpass move.

100% is possible as use other apps where it is working on Desktop Browser (like bitwarden does) and in a native android app. (and no they are not using worthless OTP!)

triceps-tamale · October 18, 2021, 9:29pm

It was added in latest update, however, it gives an error dialog An error has occurred

tgreer · October 19, 2021, 1:46am

@triceps-tamale is this the error you’re experiencing? FIDO2 in Android app is not working · Issue #1594 · bitwarden/mobile · GitHub

triceps-tamale · October 20, 2021, 2:15pm

I might be, I am not sure, I added more details in that ticket

benr · November 21, 2021, 5:23pm

Still a valid request and would love NFC and Bluetooth support.

tgreer · November 21, 2021, 5:27pm

Welcome, @benr!

FIDO2 is currently supported via NFC, we’ve just left this thread open as there have been recommendations on improved workflows

benr · November 21, 2021, 9:00pm

Hello @tgreer . It looks like the Yubikey Provider supports NFC however the FIDO2 WebAuthn provider does not.

On further inspection the options available for the FIDO2 WebAuthn provider seem to depend on options provided by the browser itself, I see the same options (USB & Platform, not BlueTooth) available if I test on https://webauthn.io/. So my problem is with the browser, not BitWarden.

Thanks for the response.