Sentry: U2F support in Firefox

compatibility test should not check browser version, but instead the presence of u2f libs.

Firefox Nightly now has u2f support behind an about:config flag, and it’s currently expected to land in Firefox 58 (scheduled for release around 2018-01-16). It would be good to get this working; then I’d actually _use_ 2FA.

I think Sentry is using the u2f-api NPM package; I filed https://github.com/grantila/u2f-api/issues/3 on it.

u2f-api 0.1.0+ now support the u2f global. Upgrade to that and U2F should start working in Firefox Nightly with the appropriate about:config flags set.

Firefox Quantum now natively supports U2F. We should revisit this.

U2F does work for https://sentry.io/auth/login/ in Firefox 57 already. (And thankfully you don't need to enable OTP first to enable U2F 👍; although you can view recovery codes when already being logged in without having to use your second factor, so anyone that finds your logged-in account can grab those codes)

Is this still on the roadmap? Sentry.io does not work for me with Firefox 60.0.2 with U2F enabled.

@salasrod what error are you getting, we're using [email protected], so should have firefox support.

@billyvg, I get an internal server error when I try to log in through the U2F login page.

Same here; still occurring in FF 62. )=

I've been able to log in with an actual Yubikey with no error, the error happens when I use a key that is not Yubikey, specifically this one: https://www.ftsafe.com/products/FIDO/Multi

Odd; this occurs with a brand-name (USB-C) Yubikey 4, for me

U2F support has worked well in Firefox for a long time using the security.webauth.u2f=true setting. On April 4th they announced that this is tracking to be on by default in Firefox 67, which should ship on May 14th:

https://blog.mozilla.org/security/2019/04/04/shipping-fido-u2f-api-support-in-firefox/

Our goal is to switch to WebAuthn which will make this compatible with Firefox and other browsers too.

Thanks a lot for your patience. 🙏🏻