starred/anonaddy
1
0
Fork 0
mirror of https://github.com/anonaddy/anonaddy.git synced 2026-04-25 06:05:55 +03:00
Code Issues 103 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #295] Wrong error message when logging in with U2F/WebAuthn key #814

New issue
Closed
opened 2026-03-14 10:43:02 +03:00 by kerem · 1 comment
kerem commented 2026-03-14 10:43:02 +03:00
Owner
Copy link

Originally created by @rugk on GitHub (Jun 9, 2022).
Original GitHub issue: https://github.com/anonaddy/anonaddy/issues/295

STR

  1. Setup U2F.
  2. Try a wrong i..e different U2F key to authenticate.

What happens:

An error like this is shown:

This key is already registered. It’s not necessary to register it again.

Screenshot of that, AnonAddy

What should happen

The correct message should be something like this:

This is the wrong security key. Please try again.

Seems like you improperly re-used some handling/code of adding keys – so as long as one cannot add keys in the login form, that is all hood, security-wise… 🙃

System

Linux/Fedora 36
Firefox 100

Originally created by @rugk on GitHub (Jun 9, 2022). Original GitHub issue: https://github.com/anonaddy/anonaddy/issues/295 ## STR 1. Setup U2F. 2. Try a wrong i..e different U2F key to authenticate. ### What happens: An error like this is shown: > This key is already registered. It’s not necessary to register it again. ![Screenshot of that, AnonAddy](https://user-images.githubusercontent.com/11966684/172959478-e435bf67-c55f-4336-90b1-1dd010713b2a.png) ### What should happen The correct message should be something like this: > This is the wrong security key. Please try again. Seems like you improperly re-used some handling/code of adding keys – so as long as one cannot add keys in the login form, that is all hood, security-wise… :upside_down_face: ## System Linux/Fedora 36 Firefox 100
kerem closed this issue 2026-03-14 10:43:07 +03:00
kerem commented 2026-03-14 10:43:13 +03:00
Author
Owner
Copy link

@willbrowningme commented on GitHub (Jun 16, 2022):

Thanks, I've updated it to use the errors.key_not_allowed message instead now.

<!-- gh-comment-id:1157388934 --> @willbrowningme commented on GitHub (Jun 16, 2022): Thanks, I've updated it to use the `errors.key_not_allowed` message instead now.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.5.0
v1.4.1
v1.4.0
v1.3.8
v1.3.7
v1.3.6
v1.3.5
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.0
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
v0.14.1
v0.14.0
v0.13.13
v0.13.12
v0.13.11
v0.13.10
v0.13.9
v0.13.8
v0.13.7
v0.13.6
v0.13.5
v0.13.4
v0.13.3
v0.13.2
v0.13.1
v0.13.0
v0.12.3
v0.12.2
v0.12.1
v0.12.0
v0.11.2
v0.11.1
v0.11.0
v0.10.1
v0.10.0
v0.9.1
v0.9.0
v0.8.10
v0.8.9
v0.8.8
v0.8.7
v0.8.6
v0.8.5
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.8.0
v0.7.5
v0.7.4
v0.7.3
v0.7.2
v0.7.1
v0.7.0
v0.6.2
v0.6.1
v0.6.0
v0.5.0
v0.4.0
v0.3.0
v0.2.13
v0.2.12
v0.2.11
v0.2.10
v0.2.9
v0.2.8
v0.2.7
v0.2.6
v0.2.5
v0.2.4
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
Labels
Clear labels   
bug

   
pull-request

Mirrored from GitHub Pull Request

No labels
bug
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/anonaddy#814
No description provided.