I have been using onlykey’s FIDO2 function fine for several years (website login, ed25519-sk ssh keys). I don’t have an onlykey FIDO2 PIN (and I am not even sure if I can set one). Usually for website login, I chose FIDO2 login method, onlykey flashes blue, I press a button on onlykey, then onlykey flashes blue again, and I press a button again (the second press should be the substitute for the PIN), then I can login. So I need to press onlykey twice. For ssh, I only need to press onlykey once.
However, today, when I was trying to log into a website, after the first button press, the website (or my browser) started to ask for a PIN, and I kinda have to enter the PIN (that I haven’t set). I tried empty PIN, and some other random PINs, all of them don’t work.
Later, it seems I have been locked out by the FIDO2 function. When I try ssh, I get “cannot find device error”. When I try to log in using a website, on windows, I get " You’ve entered incorrect PINs too many times. Use a different sign-in option, or contact your IT support person." error.
I can use other functions fine, entering password, using challenge-response to unlock keepassxc, etc. But anything FIDO2 related no longer works. How can I unblock myself? If I have to reset onlykey, can I restore FIDO2 credentials by restoring my backup and use it like before?