I just confirmed this OnlyKey is used to do WebAuthn for login with Bitwarden and of course it blinks blue on the login and I have to press a button on the OnlyKey.
So now I am slightly confused what is what with FIDO2 and OnlyKey. Am I not supposed to have resident credentials on the device, especially if I am using it as FIDO2 key?!
Note that I set my PIN using the onlykey-cli AFTER I started using FIDO2 on Bitwarden, otherwise it wouldn’t let me list credentials.
I tried adding a second OnlyKey again to Bitwarden now, one for which I set the PIN before hand. No difference, still can’t add it to Bitwarden. Only difference is that I am asked for the PIN now before pressing a button when the LED blinks blue.
@AlexHK If you restored a backup from one key to your other keys then a site would see the restored keys as essentially the same as the backup. You can only register a key once so that would be why you can’t register the same key again.
But what about the onlykey-cli stating No resident credentials on this device. ?
Resident keys are typically only used for things like passwordless authentication not FIDO2 MFA. So no resident keys is expected when using a security key as a 2nd factor.