Hey everyone! I'm having some trouble getting passwordless login to work with YubiKeys on Chromebooks. I'm curious if anyone has managed to get this set up successfully. Here are the issues I'm facing:
1. **Initial login flow**: When I add a new user to a Chromebook, it doesn't allow for passwordless login right away. Instead, I have to type my email and password first, and only then does it prompt for the YubiKey as a second factor. That's just two-factor authentication, not passwordless.
2. **Session re-authentication**: I have a 12-hour session policy set, but on Chromebooks there's no prompt to re-authenticate after the session expires. It just keeps me logged in without reminders, which is different from how it behaves on other operating systems.
3. **Unlocking the Chromebook**: Is there a way to unlock a Chromebook using a YubiKey directly instead of entering a password? Currently, I can only disable saved logins, but that forces me to enter my email, password, and YubiKey every time, which seems counterproductive for a passwordless setup.
I'm really looking for insights, workarounds, or whether this is just a limitation of ChromeOS. Anyone else running into similar issues or have a fix?
1 Answer
You might want to try adding the YubiKey as a passkey instead of just setting it up for 2FA. That looks like it could help you avoid the password part during login.
Actually, I did try that! I can get passwordless login with it on other operating systems without a hitch.