Firefox supports WebAuthn, but as far as I could tell only with hardware tokens. I could not find a word about Firefoxs support of Passkeys (like Apple announced recently) anywhere
Personally I don't know why passkeys werent adopted much sooner, it seems such a long hanging fruit to just store the key in the FF password manager.
I use FF to support a web where there is not only one option, like Chrome, but FF keeps falling behind and behind instead of being at the forefront. This should be a top priority.
(Note: similar ideas have been merged into this thread)
this might not be the correct place for my question, but it seems related, since I encountered it when enrolling for Github passkeys.
is there any way to fail with a friendly message when a FIDO key is plugged in, but the site requires FIDO2? this has gotten me on other sites as well. Most browsers do not handle this well, though this may be faulty logic in the HTML/JS app or in API calls.
i have two yubikeys i use:
A few sites let me enroll the FIDO device. However, each site that fails does so in a very cryptic way, which usually leads me into setting a breakpoint or examining DOM and JS. It's happened on Google, Github and my school's authentication (which formerly only supported FIDO and not FIDO2).
Try enrolling a FIDO v1 key on Github. It triggers an uncaught exception that for me leads to restricted cross-site API requests. Other DOM-related errors are then triggered. A bit confusing.
The rest of the comment is just feedback. I probably won't be able to check in on the status and again. Sorry if it's the wrong place for this.
Thanks for the privacy-focused features like containers.
The reason these clear error messages important: for everyday people, tangible objects are an excellently simple way to be secure. FIDO and webauthn are about as simple as needing your keys to start your car. Very easy to explain and it's very easy to do, if the enrollment and authorization process is simple.
Most people have MFA-method fatigue and may be unwilling to adopt a novel method, even though it's simpler. However, the second that an everyday person encounters the unending onslaught of crypto acronyms, they'll reject this newer method. I also did not quite realize that passkeys would default to my yubikey.
The one other aspect that's confusing for hardware passkeys is enrolling multiple yubikeys. I don't think the average person would take the time to enroll both keys. The platform/browser keys used for passkeys aren't really satisfying. I guess a third-party service like OpenID or the newer auth startups would work.
apologies if this is a duplicate. my account is new, so maybe manual approval is needed. also, this might not be the correct place for my question, but it seems related, since I encountered it when enrolling for Github passkeys.
A Yubikey 5ci with FIDO2A Yubikey 4 with FIDO (firmware 4.3.7)
The one other aspect that's confusing for hardware passkeys is enrolling multiple yubikeys. I don't think the average person would take the time to enroll both keys. The platform/browser keys used for passkeys aren't really satisfying. I guess a third-party service like OpenID or the newer auth startups would work
I recently downgraded to version 117.0b5 of Android's Firefox Beta due to different circumstances.
When accessing My Nintendo, which doesn't support Passkey in the current version, I found sign in with Passkey became possible, and there was no longer a warning about "partial passkey support" on GitHub.
For some reason, Passkey support seems to have regressed in the latest version.
Passkeys seem to finally work in 122.0b1, thanks!
I'm a bit confused by the messaging in the beta release notes:https://www.mozilla.org/en-US/firefox/122.0beta/releasenotes/
"Firefox now supports creating and using passkeys stored in the iCloud Keychain on macOS."
Does this mean that 1Password Passkeys will not be supported in 122?
1Password's WebAuthn function will still continue to work as normal on Firefox. Meaning, you'll be able to use your passkeys just as usual when Firefox 122 rolls out.
1Password prioritizes their API over Firefox's so passkeys shown through their extension should always pop-up first.
Although, if you are still struggling to use passkeys on 1Password in Firefox, contact 1Password support at: https://support.1password.com/contact/
I have been using Firefox for a long time and I am grateful that the project is alive thanks to many people. I would like to know the current status of support for passkeys and webauthn for Firefox (desktop for Windows) and Firefox for Android.
I have not found any information in the release notes for versions 120 and 121. I would like to see more transparent communication about these and other planned features.
Unfortunately how Firefox implemented Passkeys in 122 is pretty useless.
macOS prompts me again to store the key in iCloud Keychain instead of FFs password manager. Basically this makes the whole passkey implementation useless, since the whole point of FF having passkey support is to store the key in FFs password manager so I can sync the key between all OSes FF runs on.
@eraI beg to disagree, as I for one is not interested in the flow you describe there. Passkey implementations should always use the system support for passkeys on OS where it's possible (making my passkeys available across multiple browsers on same computer).