-
Notifications
You must be signed in to change notification settings - Fork 151
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Broken in 4.6 #123
Comments
Do all of the other methods work? |
Do we have anyone else who can also test with a Yubikey? |
Tested with a Yubikey NEO. Both wordpress installs test http and https. Edit: |
Can confirm on 4.6.1 I can't add a Yubico Fido U2F key. Pressing the "Add new" button results in a "Failed" message and nothing seems to light up on the dongle itself. OTP seems to work fine with Goog authenticator MacOS Sierra / Chrome 54.0.2840.59 (64-bit) |
@georgestephanis Here is the error message from the console when trying to register a new Yubikey: I'm looking into this now. |
@JSkier21 @meltedprocessor @GreenTentacle Was your website recently upgraded to use HTTPS? If so, the U2F Are there any error/debug messages in the browser console when adding the security key or during the login? Something like: Is this the first time you're adding the key to the website (The U2F JS library will return an error if the same security key is being registered twice)? Try removing all existing keys from your profile and adding them again. |
AppID has been a problem on current domain (was waiting for Let's Encrypt - Took a while) but one domain tested has had a StartCOM SSL Cert installed for a long while. Had to add the key then go back into user settings and enable U2F for it to work (didn't like doing both at the same time). I am seeing in the below in the console every time wp-login.php is loaded although it's not causing anu problems. Many thanks for the update! |
Updated to the newest plugin update and made sure site address and wordpress address were set to https:// instead (woops). Still can't add a Fido token for another user (which sort of makes sense when i think about it, but maybe should warn ?), but logging in as that user and adding the token works fine. |
@meltedprocessor @GreenTentacle The funny thing is that the latest update didn't include any code changes -- it was triggered automatically for some reason. @meltedprocessor That JS error on the username/password login page is a known issue #126. @GreenTentacle Adding security tokens to other users currently isn't possible because it always references the current user here. Here is the issue #127. I'm closing this because it works correctly over HTTPS with a fresh install. |
Sorry for not getting back on this. Anyway, I see it's closed. Tried removing and then adding keys but could not. I'll remove and try installing plugin again. |
u2fL10n not defined now. Won't add new keys. I'll just use Google Auth. |
@JSkier21 Which page is that? Can you check the browser console output? |
On the profile page. Just upgraded to latest version, still an issue. Below is the output you asked for.
|
EDIT: Not sure that it matters, but which version should I use? Github or WP hosted? Output from GitHub plugin on profile page trying to add a key: |
This plugin will not permit authentication (nothing happens) with a yubikey in version 4.6 of Wordpress after updating or with a clean install.
The text was updated successfully, but these errors were encountered: