Yubikey webauthn doesnt need yubikey solved

I made my 2fa yubikey exclusive (OTP and FIDO2 WebAuthn). Unfortunately, whenever i get prompted to use my yubikey, windows will ask me for my computer pin instead. It will ask me this whether or not I have a yubikey inserted and successfully entering my login pin allows me to pass 2fa. Why is this? To be clear this isn’t my yubikey’s pin, it is my login pin.

edit turns out windows will try and prompt itself for webauthn first through windows hello as stated by sugianto. closing it will initiate yubikey insertion prompt when trying to link a key

Windows can be used as Webauthn itself. When you try to set up Webauthn, it will ask for Windows PIN prompt first. You cancel the first prompt, then it will ask you the second prompt which is for your Yubikey.

1 Like

does that mean i have to delete my yubikeys and relink them? to be clear i was still able to use the yubikey as 2fa through webauthn. I was just annoyed that it gives me that option to choose ‘yubikey or windows pin’

Yes, if you want the webauthn to use your physical key, you should disable all keys and set it up again.