0

In recent versions of Chromium (98+), my Yubikey is broken / no longer working to authenticate / register with websites using the FIDO2 U2F standard.

For example this demo site: https://u2f.cloudentify.com/u2fdemo/

Simply nothing happens and this is written to the console:

Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('chrome-extension://kmendfapggjehodndflmmgagdbamhnfd') does not match the recipient window's origin ('null').

How can I get this working again?

Jonathan Cross
  • 675
  • 8
  • 17

1 Answers1

0

It turns out that the way U2F was implemented in Chromium was a bit of a hack and has been deprecated since Chrome 95. Here is the Yubikey page. It should have been a smooth transition to WebAuthn, but this is not true for all websites.

How to re-enable U2F API:

  1. Go to this url: chrome://flags/#u2f-security-key-api
  2. Locate "Enable the U2F Security Key API" Enable the U2F Security Key API
  3. Change the dropdown from "Default" to "Enabled".
  4. Restart the browser.
Jonathan Cross
  • 675
  • 8
  • 17
  • It will eventually be removed though, so it might be worth it reaching out to the website to have them migrate to webauthn. – Nina Satragno Apr 26 '22 at 23:02
  • On Chromium Linux, even Webauthn doesn't work without this change... it seems the yubikey is not recognized, doesn't blink, etc. In future versions of Chromium (103 or 106?) the Yubikey _should_ start working again via Webauthn according to what I have found online. If you have more info, please share. – Jonathan Cross Apr 27 '22 at 12:19
  • Just noting for everyone that as of Chrome 104, the [U2F API has been completely removed](https://developer.chrome.com/blog/deps-rems-104/). – Chris Haas Sep 26 '22 at 15:24