julichan Posted August 26, 2024 Report Posted August 26, 2024 (edited) Hello, Since mid august windows 11 or browser updates (edge, chrome and brave), I became unable to use enpass (from windows 11 store) to store new passkeys. I simply no longer have the option. Several sites are trying to enforce passkeys but I don't thing storing passkeys in the OS is safe at all so this is urgent for me. any idea when this will be fixed ? Also, is the desktop version better suited to windows 11 or all the same as store version ? Note: Browsers seems to have implemented the new WebAuthN spec version 3 for passkeys despite some FIDO2 libraries being still beta and incomplete, for exemple fido2 for .net is beta 13 and missing field authenticationMethod on one of their model.... Thanks. Edited August 27, 2024 by julichan Clarity
julichan Posted August 26, 2024 Author Report Posted August 26, 2024 Actually I tried the windows beta desktop version and I have the same problem.
julichan Posted August 28, 2024 Author Report Posted August 28, 2024 I tested more and figured out that it works on github but not amazon. I made a server using fido2-net-lib and tried with various settings such as removing authenticator conditions black list, fiddling with settings on authenticator attachment, existing credentials and other authenticator selection criteria but ended up failing to make enpass work with it. After looking around, I figured out that Enpass is not even registered in the MDS3 trusted FIDO2 authenticator list. Is it going to be part of it in the next batch on first september ?
Amandeep Kumar Posted August 28, 2024 Report Posted August 28, 2024 I've reported this issue to the Enpass technical team. They are currently investigating it, and I will reach out to you with updates as soon as I receive them. #SI-3977 1
Amandeep Kumar Posted September 2, 2024 Report Posted September 2, 2024 To help resolve this issue, please ensure that Manage Passkeys is enabled: Right-click on the Enpass extension in your browser. Select Settings. Verify that the Manage Passkeys option is enabled. If issue still persist, please provide the following details for further investigation: The URL of the website where you're experiencing the issue. Whether the passkey for this website is already saved in Enpass.
julichan Posted September 9, 2024 Author Report Posted September 9, 2024 (edited) Hello, I tried again as requested. Manage passkeys was and is enabled in the plugin. It somehow works again where it did not work before. However now, on amazon.fr, enpass stays stuck at signing in. Check the attachment. All i can do is close the enpass window or it might eventually show some kind of timeout error. Additionally, I did not get an answer to my previous questions: - I made tests using the official FIDO2 library for aspnet servers (both the webauthn3 release and webauthn4 beta13) (https://github.com/passwordless-lib/fido2-net-lib) and it seems that no matter the options set, Enpass doesn't react on that official library. Is there any special setting i should be aware of to make it work? (I tried both platform and cross-platform, several authenticator options and even none, ect...) Also Enpass is not registered as a official FIDO2 trusted passkey manager. Please try to check yourself that enpass is officially not trusted: https://opotonniee.github.io/fido-mds-explorer/. You missed 1st september rolls, now we have to wait another month. will enpass get registered as an official FIDO2 trusted passkey manager and when? Thanks Edited September 9, 2024 by julichan
julichan Posted September 10, 2024 Author Report Posted September 10, 2024 Just an extra question, does enpass block non-https passkeys ? or perhaps localhost domain passkeys ?
julichan Posted October 6, 2024 Author Report Posted October 6, 2024 Alright got answers on my own. First of all, enpass doesn't support fido2 yet. The communication says it supports passkeys but that's true only for older versions meaning as 2FA (something like fido u2f) and not passwordless. Fido2 is only supported by bitwarden and 1password apps currently. Apparently logmeonce as well. I'm going to test those.
DriessenbeeR Posted November 26, 2024 Report Posted November 26, 2024 I am also interested, if and when FIDO2 will be supported. Is this on the roadmap of Enpass?
DriessenbeeR Posted December 10, 2024 Report Posted December 10, 2024 Hi @Amandeep Kumar Do you have any updates on FIDO2-support in Enpass? Many thanks!
Amandeep Kumar Posted December 11, 2024 Report Posted December 11, 2024 You will be pleased to know that FIDO2 support is already part of our development roadmap and will be implemented in future versions of Enpass. I’ve also shared your comment with our dedicated development team as additional feedback.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now