Locked out of a Discourse forum due to passkey bug?

I’m a member of https://www.trucknetuk.com/ which uses Discourse 3.5.0.beta3-dev.

I opted in to use my Thetis Pro passkey device, which worked fine until I had to re-install Windows. I’m now getting “This security key doesn’t look familiar”. I found that if I took the key out before attempting login, then re-inserted when prompted, I got the following:

“An error occurred: A security key with the provided credential ID could not be found”.

I can see that the key for the site exists in Thetis Pro Key Manager app.

Note: I’ve tried it via Chrome, Firefox, mobile etc, as well as my laptop, with the same resulting message. And all other keys on the device work fine for other sites.

I tried contacting the site owner who just told me to do a password reset - not sure he understands passkeys! Yes, I can do a password reset, but it still needs passkeys to complete.

I also created a new account and a thread at “Locked out as Passkeys seems broke and no backup / recovery options offered” (FEEDBACK FORUM - Let Us Know! (INTERACTIVE) - Trucknet UK), but not much help there.

So, is there anything else I can do, or ask the forum admin to try, or somehow initiate a fallback? I don’t recall any way of creating a backup passkey using Windows Hello or Google Password Manager, which is what I normally do. Nor is there any other option than a physical key when clicking “cancel”.

Any ideas?! Thanks.

1 Like

Hey, welcome to meta

I can’t help with why it happens. It’s interesting that it only happens with Discourse.

Have you tried authenticating with a login link? You don’t need a passkey to complete the process.


2 Likes

Thanks for getting back to me. Sorry, forgot to mention I tried this before.
I click the link in the email (www.trucknetuk.com/session/email-login/XXXXXX), but I’m right back to this screen:

If I choose “Authenticate with security key” I get the “doesn’t look familiar” error. If I choose “try another way”, I get a page saying:

When you have your physical security key or compatible mobile device prepared press the Authenticate with Security Key button below.

However, there’s no such box shown, just a textarea to paste something in.

[EDIT] - sorry, due to the “only one image per post for new users” error, I’ll have to split this into another reply…

1 Like

I took a guess and tried pasting both “user ID” and “credential ID” into the box, but in both cases it says:

The provided public key is invalid.

Just to prove I definitely have a valid key for the site, here’s the credential itself on the key:

This is getting intriguing!

(again, sorry for 3 replies, but it was due to “one per post” limit)

2 Likes

Hey @digitaltoast welcome! Just responding here that we’ve seen your issue and are discussing…

1 Like

There are two types of security keys in Discourse: first factor (aka passkeys) and second factor. The passkey can be used to log in from the main login screen, before you have entered a password. The second factor key can only be used after entering a password, that’s why it is called a second factor, because it’s after a first authentication step.

I can see that in your account you have a second factor key, that’s why you are getting the “Authenticate with Security Key” prompt. I also see that you have a passkey too, from Windows. Can you try logging in with that? Do you still have that after resetting Windows?

If that doesn’t work, you can ask the administrator at TruckNet to reset the hugh_lorry account’s security keys. The admin would need to agree that you’re the rightful owner of the account. If they do and remove the key, then you can log in via email without a 2FA because there won’t be one anymore on that account.

2 Likes
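The distinction drawn in the reply above, sketched as an added example that is not part of the thread and is not Discourse source code: a simplified in-memory model in which each registered credential carries a factor type, each login flow only searches its own type, and an admin reset removes the second-factor requirement. The class, method names and credential IDs are hypothetical and constructed for illustration.

```ruby
# Simplified model of first-factor (passkey) vs second-factor security keys.
# Constructed for illustration; names and data are hypothetical.
Credential = Struct.new(:user, :credential_id, :factor_type)

class CredentialStore
  def initialize
    @rows = []
  end

  def register(user, credential_id, factor_type)
    @rows << Credential.new(user, credential_id, factor_type)
  end

  # Passkey login: no username has been entered yet, so the lookup is by the
  # credential ID the authenticator returns, limited to first-factor keys.
  def passkey_login(credential_id)
    row = @rows.find { |c| c.credential_id == credential_id && c.factor_type == :first_factor }
    row ? [:ok, row.user] : [:not_found, nil]
  end

  # Second-factor login: the user is already identified (password or email
  # link), so only that user's second-factor keys are acceptable.
  def second_factor_login(user, credential_id)
    allowed = second_factor_ids(user)
    allowed.include?(credential_id) ? [:ok, user] : [:not_found, nil]
  end

  def second_factor_required?(user)
    !second_factor_ids(user).empty?
  end

  # Admin reset (assumption: removes the account's second-factor keys only).
  def reset_security_keys(user)
    @rows.reject! { |c| c.user == user && c.factor_type == :second_factor }
  end

  private

  def second_factor_ids(user)
    @rows.select { |c| c.user == user && c.factor_type == :second_factor }.map(&:credential_id)
  end
end

# Constructed sample account with one key of each kind.
def build_demo_store
  store = CredentialStore.new
  store.register("alice", "cred-platform", :first_factor)
  store.register("alice", "cred-usbkey", :second_factor)
  store
end
```

In this model a key registered in one role is unknown to the other flow, and once the second-factor key is removed an email-link login has no second step left to satisfy.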

OK, to clarify:

I can see the passkey right on the Thetis Pro physical USB passkey device, so I know I used that, not Windows Hello.

If I use the key, I get
"An error occurred: A security key with the provided credential ID could not be found."

Unlike other sites, there’s no option to choose anything other than a physical security key. Normally, when it says "insert your security key", if “cancel” is pressed then other options are offered, such as being able to use “Windows Hello” passkeys. But if I press cancel, it says:

"The security key authentication process either timed out or was cancelled."

The only way to get the 2FA screen is “login with email link” and then choose “two factor authentication”.

It then gives a rather confusing screen which says:

"When you have your physical security key or compatible mobile device prepared press the Authenticate with Security Key button below."

But there is no “Security Key button”, but a space to enter something, (<p class="second-factor__description">) and a “finish login” button below it.

I’m assuming that this is for a 6-digit 2FA from a code generator, but the only one I use is Authy, and it’s not in there. Whatever I put, the message is "The provided public key is invalid", which perhaps suggests an error on the hosted site rather than my end?

I went back as my temporary account and tried setting up passkeys and 2FA again, and I noticed that there are options to download backup codes, which I definitely would have done as I always do that for other sites. And I always note them in two places, and they’re not in either. I would have enabled 2FA around February 2024 when they switched from their old forums to Discourse - is it possible that option wasn’t on that page at that time?

That’s interesting - does that mean that you are actually able to see my account and credentials on the Trucknet site?

OK, understood. I’ll do that as a last resort, but if possible I’d like to try and work through this and help fix anything that may be a bug, or an edge case that might “get” someone else in the future, rather than working around it at this stage.

Thanks again!