Seemingly simple task of adding a Yubikey for 2FA, but I’m failing to do so and I’m heavily confused by all this new stuff.

• How do I need to configure my Yubikey?
  • OTP?
    • Yubico OTP?
    • Challenge Response?
    • Static Password?
    • OATH-HOTP? → tried that with Firefox, got back The attestation format is not supported by the server.
  • FIDO2?
• Which browser do I need to use?
  • Firefox?
  • Chrome?
  • Some other browser?

Hmm, you shouldn’t need to configure anything. Try the following:

1. Plug your Yubikey into your USB port
2. Navigate to /my/preferences/second-factor on your site
3. Select the Add Security Key button
4. Give the key a name if you wish and select the Register button
5. “Touch” your Yubikey

It should work on Safari, Firefox, and Chrome. It should also work on mobile if you have a compatible device and a Yubikey with NFC.

Got it to work with Chrome and OATH-HOTP.
Didn’t try further on Firefox.

Hmmm… interesting.
I need a spare key anyways, so I will try again, also with FF.

Tried today to enable 2FA for meta.discourse.org via FF 84.0.2 as already described above. Same error message.

Tried the same on Chrome 88.0.4324.96 → instant success.

Googling for The attestation format is not supported by the server. results in 4 findings, all related to the discourse source code. Seems like nobody else had this problem yet…

Interesting: When in FF in Private Mode, 2FA login works.

Edit:
Tried again a dozen times, disabled FF addons and scriptblocker, tried private mode browsing as described above, and 2FA is working in FF.

Strange thing is: After re-enabling FF addons and scriptblocker, 2FA is still working.

Anyways, it is working, I’m happy, case closed

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.