As the title claims I get this error every time I use my Onlykey to perform FIDO2 authentications? (At least I think). I did get the pin on Windows wrong multiple times (I had forgotten the pin I used on my main PC) so that’s why it’s there, but I can’t fix it?
The same error happens on different unrelated PCs and laptops, multiple browsers and different use cases (Windows Hello, Github in browser, Microsoft account etc).
I should add I’m a commercial user and don’t have an IT team to go to. It’s possible because my PC had my school account logged in that is the reason.
Any ideas how to fix it? A full reset using self destruct key (removing firmware) and reflashing the firmware didn’t seem to work (maybe I should have not loaded my back up immediately and tested it again)
The primary issue you’re dealing with is the association of the key with the account. You should login to the account, remove the fido key authenticator. After that, setup your your onlykey again, and re-associate it with your account.
I have good luck with Fido on Facebook, gmail, boxcryptor, namecheap dns, and anything else other than microsoft.
Microsoft’s hello authenticators using security keys is not reliable in my experience with onlykey.
@MageofJustice In order to prevent a stolen FIDO2 authenticator from being used there is a limit of 10 incorrect PIN attempts. This is required by the FIDO2 specification. After that the FIDO2 authenticator is disabled and you will need to use another method to login and then re-register the security key at the site.
