Go to All Forums

U2F/WebAuthn devices are unusable if name is ≥ 11 chars

Bug? This likely affects all Zoho services, including Site24x7, but as of recently (unsure exactly when), U2F/WebAuthn-based Multi-Factor Authentication cannot be used if the user-defined device name is 11 characters or more.

My WebAuthn device has been registered for more than 1 year with a longer name, and at least as of today, authentication using that device fails. Attempting to re-register the device will not allow a user-defined device name of 11 characters or more, and will prevent registration from completing, although there is no notification to the user that the name length is the reason for the failure. If the user-defined name is 10 chars or less, the device can be registered and used without any problem.

Like (2) Reply
Replies (1)

Re: U2F/WebAuthn devices are unusable if name is ≥ 11 chars

Hey Hugh,

  Thanks for the raising the flag. We'll get it checked internally as well and get back.

-Jasper

Like (1) Reply

Was this post helpful?