Passkeys can not be retrieved / verified #4582
Comments
|
We'll take a look! Is this error occurring at a specific website or multiple sites? |
|
We're not able to replicate the exact issue you're reporting. Some more details may assist in troubleshooting. Were your errors encountered while attempting to use passkeys in the native GitHub and Banking applications, or through a web browser? If you were using a web browser, could you provide details of the browser? Name and version should suffice for now. If you could provide the name of the Banking application, that would be helpful as well. |
|
Moving this ticket to the new native Android repo for tracking. |
|
Thank you for your report! We've added this to our internal board for review. |
|
Hi, I tested it on github in the mobile Firefox browser (134.0.1) the github app (1.192.0), and my banking app which is ubank (11.91.0) in Australia. If you'd like me to test the passkey somewhere else let me know. Thanks. |
|
Can confirm getting the same issue with the uBank app on my Samsung Galaxy S24+. The app just constantly says "Something went wrong" when trying to login with the passkey. It does not prompt to unlock the vault. It also doesn't even detect standard passwords no matter how many new entries you add. Was previously working fine with the legacy Bitwarden app More reports and response from ubank here |
|
Before it says "Something went wrong" it also says that the "user cannot be verified". Tested on Pixel 6. |
|
Same issue as @nategasm. Running Android 14 on Samsung Galaxy S24 FE. Legacy app worked fine tho. Also noticed an issue in WhatsApp when trying to create a passkey with Bitwarden. Bitwarden seems to create it, but WhatsApp doesn't realise it has been created. |
|
Just to add to t his, same issue with my Galaxy S22u, Android 14 and my Australian banking App (Ubank). Worked until the recent Bitwarden update. Still using email for 2FA here |
|
Just upgraded to 2025.1.1 and issue is still persistent. Having to use another password manager to handle passkeys for UBank otherwise I need to login with username, password, and SMS 2FA every time (painful). |
|
Hi all. We're still investigating the issue with uBank and will provide an update as soon as we have more information. Regarding the WhatsApp problem: I believe this is a bug on WhatsApp's end. I was able to replicate passkey creation failure when registration is triggered from the Settings screen in WhatsApp. There are no logs indicating anything is wrong on our end during this process. WhatsApp appears to silently fail when it receives our response. However, if you choose to create a passkey while signing in to WhatsApp for the first time, registration completes on our end and WhatsApp accepts the response. Navigating to Settings > Passkeys, you can see the passkey was successfully registered in WhatsApp's system. Unfortunately there's nothing more we can do on our end at this time to improve the WhatsApp behavior. I suggest reaching out to WhatsApp and informing them of this issue if you're able to replicate it as consistently as I was. |
Hi @SaintPatrck, issue #3866 provides additional information about the issue with UBank, including screenshots, and that Bitwarden legacy does work, KeyGuard does work, but that Bitwarden native (tested right up to: Version: 2025.1.1 (19728) |
Hi, just to add, passkeys worked on WhatsApp with Bitwarden legacy and all other password managers I have tested with (1Password, Proton Pass, and Google Password Manager). Regardless, I will contact WhatsApp as suggested. Thanks |
|
Hi @BJReplay I did see all of the details included in that issue. I appreciate everyone taking the time to capture all of the information. It helped eliminate some potential causes. I believe I have good lead on the issue and it is potentially spawning from our SDK. The legacy application does not use our SDK, which would explain why it works and the native app does not. However, I'm not able to prove that theory without having an account with uBank and I cannot create one since I'm not an AUS citizen. I opened #4694 which, among other things, improves user facing error messages so we can hopefully identify where exactly the process is failing. If you or anyone else tracking this issue are willing to assist, using a build from that PR and reporting back the results would be a great start. If my theory is correct I expect that the failure is occurring here due to an RpOriginMissmatch error from the SDK. |
|
Hi @vrbt150 Thanks for the additional info. Did you happen to try creating a passkey during initial sign in? If so, was it successful? What's really odd to me about the WhatsApp behavior is that there is no failure during our processing like there is with UBank, or you would see dialogs in Bitwarden. That's the only reason I suggest it may be something on their end. They may be able to debug and pinpoint why it's rejecting our response. Keep us updated on WhatsApps response. I'm happy to continue investigating if more details arise. |
On it. Will report back. |
No luck. the build didn't complete, so there are no assets for me to install, and I don't think I have the ability to set up an environment to do a build. |
|
© Bitwarden Inc. 2015-2025 Version: 2025.2.0 (19770) I love the copy paste version, by the way! No luck - same errors as I believe I previously reported at #3866 - I didn't recognise anything different. Sorry about the dodgy photos - screenshots blocked by Ubank (even if enabled for Bitwarden) PII redacted by the generative erase in the Microsoft Photos app in Win11. It's actually remarkably good for that.
|
|
Any update on this? |
Hiya have not tested during initial setup of WhatsApp. On a separate note, I just discovered I'm unable to create a passkey from PayPal on Android too. I have attached a screenshot of the error. I still have not received any reply from WhatsApp regarding the issue. Will keep you posted. Thanks
|
|
@vrbt150 Thanks for checking back in. With regards to Paypal, that is known and expected. Paypal has not configured their assetlinks.json correctly to support passkeys from their native Android application. This comment has more details about the PayPal implmenetation. We have connected with the UBank team and are actively working on the issue. Updates will be provided as they are available. I appreciate everyone's patience as we work to find a resolution. |
I do remember this with PayPal, not sure if a recent update has changed this as I can create a passkey and login to PayPal with Proton Pass without issue. |
|
This also happens with the discord android app. |
|
Hi all, I'm happy to share that UBank issues are resolved with #4694. It will be in the 2025.2.0 release. We also received confirmation from Google that we can safely relax digital asset link validation. As a result #4804 will resolve failures related to "app not found in asset links" errors. This includes PayPal and several other applications. This fix will not be in 2025.2.0 but should be in the following release. And last, but not least, WhatsApp has confirmed they're aware of an issue with passkeys on their end. Once we receive an update we will make any changes necessary, but hopefully it will simply start working soon. Given that the primary issue in this thread was with UBank and PayPal, I'm going to close it. If anyone continues having problems with UBank after the 2025.2.0 release let me know and we can re-open this issue. If you experience problems with other applications, please open a new issue with details specific to that application. This will help us better organize and triage issues on a app-by-app basis. Thank you all for your assistance, and most importantly, your patience while we work though these issues. 🫶 |
|
I'm still seeing this with 2025.2.0 and latest ubank app version. |
@cipavlou I was able to log into Ubank Almost immediately after I upgraded. What I did (in no particular order) before attempting to log into Ubank was:
Perhaps the difference was that
It could be worth checking when you unlock Bitwarden first (and ensure that you don't have a lock immediately set-up) to see if that fixes the problem. If it does, that might mean that there is a bug in the steps that respond to a passkey request and unlock the vault. Having said that, I just tried with my vault locked via the lock time out and I got three prompts from Bitwarden (and one from the OS) after starting the login from Ubank:
|
|
Thanks. It turns out that biometrics/fingerprint unlock was causing Bitwarden to crash on my phone. Using Bitwarden without biometrics is fine/passkey works |
Production Build
Steps To Reproduce
Expected Result
Passkey successfully unlocks account.
Actual Result
Get error "Passkey operation failed because user could not be verified" followed by "we were unable to process your request. Please try again or contact us"
Screenshots or Videos
Cannot screenshot the app
Additional Context
Passkeys used to work about a week ago.
Operating System
Android
Operating System Version
14
Device
Samsung Galaxy A35 5G
Build Version
2025.1.0
The text was updated successfully, but these errors were encountered: