question

GobinathMageswaran-4838 avatar image
0 Votes"
GobinathMageswaran-4838 asked MarileeTurscak-MSFT commented

FIDO Registration Passwordless - When the page focus is removed from verifying user presence, registration fails

Hello
We are in the process of implementing FIDO for an organization and currently testing various use cases. i wanted to list down a two I came across and was hoping someone can provide more clarity on the behaviour by explaining this to me or point me to some links to read more about it ( did some digging but not seen any good explanations yet :))

Senario 1
1. User logs into aka.ms/mysecurityinfo
2. select to register security key
3. user is asked to enter a PIN or create a new PIN if he has not already
4. user is asked to touch the key to verify presence

on step 4 if i click on another page or click on my open excel/word document and the screen focus is now on this new page and proceed to touch my FIDO key to verify user presence i get an error message saying i am using a private browser session and my key is not registered.

This happens all the time and was wondering why this happens or if its a bug?

Senario 2
The expected behaviour for PIN bad attempts is 4 bad PIN inputs user is asked to remove and reinsert their key. They have another 4 attempts after this.
I have noticed that if i enter 3 bad inputs and proceed to enter the right PIN on my 4ths attempt i am still not allowed to login. I get too many incorrect PIN attempts to remove and reinsert your PIN.

Wanted to know if this is expected and can be changed or a limitation of the protocol?



azure-ad-multi-factor-authenticationazure-ad-passwordless-authentication
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I realize this is an old question, but I wanted to check if you are still having this issue? If so, would you be able to share a screenshot of the message you receive?

0 Votes 0 ·

0 Answers