Open Bug 1902235 Opened 18 days ago Updated 18 days ago

[WebAuthn] macOS Firefox 127 still asks to touch a security key with password twice

Categories

(Core :: DOM: Web Authentication, enhancement)

Product:
Core
Component:
DOM: Web Authentication
Version:
Firefox 127
Type:
enhancement

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: vrac, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:127.0) Gecko/20100101 Firefox/127.0

Steps to reproduce:

Go to a website that uses a security key with a pin password
Try to login (email + pass), then it's time for the security key part

Actual results:

1/ Firefox asks to touch a security key connected to the computer
2/ after the first touch the pin is asked
3/ then a second touch is needed to complete the login process

Expected results:

1/ the security key pin should be asked straight ahead, especially if there is only one security key available.
2/ then a touch to allow the login process to complete

The process is a little bit better than the versions before 127 (there was even one more step before as detailed in #1878742 and #1894876 ) but the fist step is still useless. For example it works well in Brave browser, the browser asks straight for the pin if the security key is connected to the computer.

On the other hand, since version 127 the process is now perfectly fine for websites that does not require a PIN code (U2F vs WebAuthn).

The Bugbug bot thinks this bug should belong to the 'Core::DOM: Web Authentication' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → DOM: Web Authentication
Product: Firefox → Core
You need to log in before you can comment on or make changes to this bug.