Versions Compared

Old Version 5

changes.mady.by.user Branko Marovic

Saved on

compared with

New Version 6

changes.mady.by.user Branko Marovic

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Managing passkeys on Windows 11

Still not having anything, the above is from
https://www.bleepingcomputer.com/news/microsoft/windows-11-is-getting-a-built-in-passkey-manager-for-windows-hello/
















Get diagnostics

  • Open https://webauthntest.identitystandards.io/.
  • Log in using any user name - this is probably just for the app's internal logging.
  • Click the "..." button.
  • If there are any problems while doing the above, try another time or use another device. If the problem persists, please let us know over Slack.

}}Copy-paste the diagnostic results on the right as text (rows are labelled the same):

Platform authenticator (isUVPAA)

Conditional Mediation (Autofill UI)

CTAP2 support (Firefox)

{40{

Platform authenticator (isUVPAA) Available

Conditional Mediation (Autofill UI) Not defined

CTAP2 support (Firefox) Supported

...

  • Click the "+" button to create a passkey. Choose the following values:
    • RP Info: This domain
    • User Info: Bob
    • Attachment: Undefined
    • Require Resident Key: True
    • Resident Key (L2): Required

...

Please insert or paste screenshots in this table as suitable, preferably putting the related screenshots in one row (you can place a note beneath an image in the same cell):

Seq1

Image Modified

Image Modified






Seq2 (just new screens)

Image Modified

On Use ES***, Use EdDSA

Image Modified

Image Modified

Image Modified

After Cancel



Seq3 (just new screens)





Seq4 (just new screens)





Test User Verification

  • Select User Verification: Discouraged and click CREATE.
  • Follow the requested steps to create a passkey, then copy-paste the result from the web app.

...

  • Select User Verification: Required and click CREATE.
  • Follow the requested steps to create a passkey, then copy-paste the result from the web app.
  • Note that the latest result is the rightmost in the bottom row. You may delete already pasted results.
  • All authenticators should be able to register multiple passkeys multiple passkeys for the same domain, so you do not need to delete the previously created one. It is likely that the passkeys you create will override each other since they are for the same domain , so you do not need to delete the previously created one. Is this creation of multiple passkeys or an override of the old one?and use the same user name "bob@example.com").

Copy-paste the result on the right:
Put Unsupported if there was an error{50{

bob@example.com


Credential ID
0CCC6D88881BACA16CED184FB1B922C0C34783B2C72E11F54811896FBFB04D67

RP ID
webauthntest.identitystandards.io

AAGUID
00000000-0000-0000-0000-000000000000

Credential Registration Data [more details]
Key Type: RSA
Discoverable Credential: true
Attestation Type: none (unverified)
UP=1, UV=1, AT=1, ED=0, SignCount=0

Last Authentication Data [more details]
No authentications

...

  • If none of the previous four tries worked,:
    • Select Attestation: Undefined and click CREATE.
    • Follow the requested steps to create a passkey, then copy-paste the result from the web app.
  • Otherwise, skip this step.

Copy-paste the result on the right:
Put Unsupported if there was an error{75{

bob@example.com


Credential ID
584516D03A66476A3A677932DB9283C3965279F3EAB732FBE50E6E7DA445966B

RP ID
webauthntest.identitystandards.io

AAGUID
00000000-0000-0000-0000-000000000000

Credential Registration Data [more details]
Key Type: RSA
Discoverable Credential: true
Attestation Type: none (unverified)
UP=1, UV=1, AT=1, ED=0, SignCount=0

Last Authentication Data [more details]
No authentications

...

  • If none of the previous three tries worked,:
    • Select CredProtect Extension: Undefinedand click CREATE.
    • Follow the requested steps to create a passkey, then copy-paste the result from the web appthe web app.
  • Otherwise, skip this step.

Copy-paste the result on the right:
Put Unsupported if there was an error{95{

bob@example.com


Credential ID
DC36850DFC6E6768FB4ED82EFAA2EF4C0C9AD9E1C04C6617A65A16C07FA9AE85

RP ID
webauthntest.identitystandards.io

AAGUID
6028B017-B1D4-4C02-B4B3-AFCDAFC96BB2

Credential Registration Data [more details]
Key Type: RSA
Discoverable Credential: true
Attestation Type: packed (unverified)
UP=1, UV=1, AT=1, ED=0, SignCount=0

Last Authentication Data [more details]
No authentications

...

Copy-paste the result on the right:
Put Unsupported if there was an error{120{

Error - requested security key,  I chose 'Cancel'

}}

What about passkey usage testing and screenshots?

Conclusion

Do you have any additional observations or comments related to the entire procedure:{125{


}}

  • Please , do not forget to paste any pending screenshots in the above tables.
  • You may also paste the screenshot with the passkey(s) created during this test. The list of created passkeys is usually shown along with platform or browser passkey options that you were already asked to screenshot.

Thank you!