We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

FIDO key/WebAuthn broken

  • 1 reply
  • 1 has this problem
  • 1 view
  • Last reply by kelvinnkat

more options

Hello all! Recently my FIDO keys stopped working with Firefox. I'm running Firefox 119.0.1 on Windows 11 Pro (48GB RAM, Ryzen 3900X, RTX 2060) and it's happened for multiple sites, including Duo security and WebAuthn.io. Though I have been using my hardware keys for quite a while, I had never seen that dialogue before the past day or two ("touch your security key to begin with [X site]") and I have not had (and still do not have) similar issues when using the Brave browser (1.60.114). Typically, It would ask me to select among the verification options (using my phone, using a dedicated hardware key, or a QR code) that Windows knows, then I would be asked to insert and tap my key, but that doesn't seem to be happening anymore.

Hello all! Recently my FIDO keys stopped working with Firefox. I'm running Firefox 119.0.1 on Windows 11 Pro (48GB RAM, Ryzen 3900X, RTX 2060) and it's happened for multiple sites, including Duo security and WebAuthn.io. Though I have been using my hardware keys for quite a while, I had never seen that dialogue before the past day or two ("touch your security key to begin with [X site]") and I have not had (and still do not have) similar issues when using the Brave browser (1.60.114). Typically, It would ask me to select among the verification options (using my phone, using a dedicated hardware key, or a QR code) that Windows knows, then I would be asked to insert and tap my key, but that doesn't seem to be happening anymore.
Attached screenshots

All Replies (1)

more options

Upon further testing, it seems to be the result of security.webauth.webauthn_enable_softtoken being set to true. Is there anyone else that can test this?