pico-fido's Introduction

Pico FIDO

This project aims at transforming your Raspberry Pico into an integrated FIDO key. The Pico works as a FIDO key, like a normal USB key for authentication.

Features

Pico FIDO has implemented the following features:

  • CTAP 2.1 / CTAP 1
  • WebAuthn
  • U2F
  • HMAC-Secret extension
  • CredProtect extension
  • User presence enforcement through physical button
  • User Verification with PIN
  • Discoverable credentials
  • Credential management
  • ECDSA authentication
  • Authentication with SECP256R1, SECP384R1, SECP521R1 and SECP256K1 curves.
  • App registration and login
  • Device selection
  • Support for vendor Config
  • Backup with 24 words
  • Secure lock to protect the device from flash dumpings
  • Permissions support (MC, GA, CM, ACFG, LBW)
  • Authenticator configuration
  • minPinLength extension
  • Self attestation
  • Enterprise attestation
  • credBlobs extension
  • largeBlobKey extension
  • largeBlobs support (2048 bytes max.)
  • OATH (based on YKOATH protocol specification)
  • TOTP / HOTP
  • Yubikey OTP
  • Challenge-response generation
  • Emulated keyboard interface
  • Button press generates an OTP that is written directly as if it were typed
  • Yubico YKMAN compatible
  • Nitrokey nitropy and nitroapp compatible

All these features are compliant with the specification. Therefore, if you detect behaviour that is unexpected or does not follow the rules of the specs, please open an issue.

Security considerations

Pico FIDO is an open platform, so be careful. The contents of the flash memory can easily be dumped to obtain the private/master keys. Therefore, it is not possible to encrypt the content: at least one key (the master, the supreme key) must be stored in clear text.

If the Pico is stolen, the contents of private and secret keys can be read.

Download

Please, go to the Release page and download the UF2 file for your board.

Note that UF2 files are shipped with a dummy VID/PID to avoid license issues (FEFF:FCFD). If you are planning to use it with OpenSC or similar, you should modify Info.plist of the CCID driver to add this VID/PID, or use the Pico Patcher tool.

Alternatively, you can use the legacy VID/PID patcher as follows:

./patch_vidpid.sh VID:PID input_hsm_file.uf2 output_hsm_file.uf2

You can use whatever VID/PID (e.g., 234b:0000 from FSIJ), but remember that you are not authorized to distribute the binary with a VID/PID that you do not own.

Note that the browser-only Pico Patcher tool is the recommended option.

Build

Before building, ensure that you have installed the toolchain for the Pico and that the Pico SDK is properly located on your drive.

git clone https://github.com/polhenarejos/pico-fido
cd pico-fido
mkdir build
cd build
PICO_SDK_PATH=/path/to/pico-sdk cmake .. -DPICO_BOARD=board_type -DUSB_VID=0x1234 -DUSB_PID=0x5678
make

Note that PICO_BOARD, USB_VID and USB_PID are optional. If not provided, pico board and VID/PID FEFF:FCFD will be used.

After make ends, the binary file pico_fido.uf2 will be generated. Put your Pico board into loading mode by holding the BOOTSEL button while plugging it in, and copy the UF2 file to the new USB mass storage Pico device. Once copied, the Pico mass storage will be disconnected automatically and the Pico board will reset with the new firmware. A blinking LED will indicate the device is ready to work.

Remark: Pico FIDO uses the HID interface and thus VID/PID values are irrelevant in terms of operation. You can safely use any arbitrary value or the default ones.

Led blink

Pico FIDO uses the LED to indicate the current status. Four states are available:

Press to confirm

The LED is on almost all the time. It goes off for 100 milliseconds every second.

Idle mode

In idle mode, the Pico FIDO goes to sleep. It waits for a command and is awakened by the driver. The LED is off almost all the time. It goes on for 500 milliseconds every second.

Active mode

In active mode, the Pico FIDO is awake and ready to receive a command. It blinks four times in a second.

Processing

While processing, the Pico FIDO is busy and cannot receive additional commands until the current one is processed. In this state, the LED blinks 20 times in a second.

Driver

Pico FIDO uses the HID driver, present in all operating systems. It should be detected by all operating systems and browsers/applications, like normal USB FIDO keys.

Tests

Tests can be found in the tests folder. They are based on the FIDO2 tests from Solokeys, but adapted to the python-fido2 v1.0 package, which is a major refactor of the previous 0.8 version and includes the latest improvements from CTAP 2.1.

All tests can be run by

pytest

or by selecting a subset with -k <test> flag:

pytest -k test_credprotect

Credits

Pico FIDO uses the following libraries or portions of code:

  • MbedTLS for cryptographic operations.
  • TinyUSB for low level USB procedures.
  • TinyCBOR for CBOR parsing and formatting.

pico-fido's People

Contributors

polhenarejos, sylvainpelissier

pico-fido's Issues

Yubikey 5 doesn't work for yubikey manager on windows 10

All seems to be working except any attempts to modify the device in Windows 10. It always shows up as "Yubikey" and Firmware 3.0.0, despite the fact that I flashed pico_fido_pico-5.6.yubikey5.uf2 (using the web patcher).

My pico model, just a cheap copy but with USB-C and an RGB LED light in the back

Hoping to get some help getting this to work, I wanted to use this as a primary/backup alongside my Yubico Security Key

Attestation Error - Tested on Raspberry Pi Pico RP2040

I've tested the attestation direct setting at https://webauthn.io/ and there seems to be an issue with the counter, as the error message seems to indicate.

Screenshots: 1# Register, 2# Authenticate, 3# Choose a passkey
  1. There are no issues in the 1# screenshot.
  2. When authenticating right after registering I always see the count error message (2# screenshot).
  3. However, it works (sometimes) when I try to authenticate the same user later after registering more users.
  4. The error authenticating in the 3# screenshot happens sometimes, couldn't find a pattern on this one yet.

Tested on: Raspberry Pi Pico RP2040

Let me know if you need more details.

Keep up the great work, thanks! 🚀

Touch security key to continue...

Hello,
I've just flashed RPI PICO 2020 (c)
With this firmware
https://github.com/polhenarejos/pico-fido/releases/download/v5.8/pico_fido_pico-5.8.uf2

after pico reboot I see

[1466535.469647] usb 1-8: new full-speed USB device number 29 using xhci_hcd
[1466535.611275] usb 1-8: config 1 interface 2 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[1466535.612120] usb 1-8: New USB device found, idVendor=feff, idProduct=fcfd, bcdDevice= 5.00
[1466535.612130] usb 1-8: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[1466535.612135] usb 1-8: Product: Pico Key
[1466535.612139] usb 1-8: Manufacturer: Pol Henarejos
[1466535.612142] usb 1-8: SerialNumber: E6612483CB1F932D
[1466535.618983] hid-generic 0003:FEFF:FCFD.0011: hiddev100,hidraw10: USB HID v1.11 Device [Pol Henarejos Pico Key] on usb-0000:00:14.0-8/input0
[1466535.620845] input: Pol Henarejos Pico Key as /devices/pci0000:00/0000:00:14.0/usb1/1-8/1-8:1.1/0003:FEFF:FCFD.0012/input/input36
[1466535.677164] hid-generic 0003:FEFF:FCFD.0012: input,hidraw11: USB HID v1.11 Keyboard [Pol Henarejos Pico Key] on usb-0000:00:14.0-8/input1

in dmesg (I use Linux box 6.8.7-arch1-1) and according to green led it's in "Active mode".

And when I go to https://webauthn.io/ to run registration test, I get "Touch security key to continue". I push BOOTSEL button, but nothing happens.

What am I doing wrong?

I use FF 126 as snap package and it works fine with yubikey.

Thank you!

No LED Activity.

I am using a Raspberry Pi Pico W, flashed with pico_fido_pico_w-5.4.yubikey5.uf2 (So Version 5.4 as a Yubikey5).

Upon plugging in and registering it, at no point does the built in light flash on.

Is there something I am missing?

Can't use pico-fido-tool.py backup function PIN_AUTH_INVALID

When I use the backup function of pico-fido-tool.py, I get fido2.ctap.CtapError: CTAP error: 0x33 - PIN_AUTH_INVALID error.

Execution environment:
Git Branch: development
System Version: Ubuntu 22.04.3 LTS
Architecture: amd64
Python Version:3.11.6
Python package:
fido2:1.1.2
keyring:24.2.0
cryptography:41.0.5

Version 5.6+ not working with lbuchs/WebAuthn library

For testing I ordered both a pimoroni tiny2040 and a waveshare Rp2040 zero.

After accidentally flashing version 2.2 to the tiny and the latest 5.8 to the waveshare, the tiny worked on my app, the waveshare did not (LED flashing but no function).

After further inspection I found it's not tied to the hardware, both behave the same when flashed to the same version:

  • It's not just my app, it also does not work with the example for the library I'm using:
    https://webauthn.lubu.ch/_test/client.html
  • It DOES work with Version 5.4 and before (therefore I suspect the problem being with pico-fido and not the library)
  • It DOES work with https://webauthn.io/ with all versions I tested
  • Strangely, after using the key once with webauthn.io, it kind of works with the other library but behaves erratically, sometimes not authenticating, sometimes asking for a pin despite userVerification=discouraged and sometimes crashing outright.

I have not yet found out what exactly triggers the different behavior, but suspect it to be in some way tied to the pin function.

I did try nuking the flash, this did reset the "priming" via webauthn.io but did not fix the overall issue.

can not backup keys

I tried to back up the private key in my genuine Raspberry Pico (micro-USB), and got this error:

C:\Users\xxxx\Downloads\pico-fido-main\tools>python pico-fido-tool.py -p 123456 backup save dummy
Pico Fido Tool v1.6
Author: Pol Henarejos
Report bugs to https://github.com/polhenarejos/pico-fido/issues


Traceback (most recent call last):
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 469, in <module>
    run()
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 466, in run
    main(args)
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 460, in main
    backup(vdr, args)
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 424, in backup
    vdr.backup_save(args.filename)
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 255, in backup_save
    ret = self._call(
          ^^^^^^^^^^^
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 244, in _call
    return self.ctap.vendor(cmd, sub_cmd, params, pin_uv_protocol, pin_uv_param)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 173, in vendor
    return self.send_vendor(
           ^^^^^^^^^^^^^^^^^
  File "C:\Users\xxxx\Downloads\pico-fido-main\tools\pico-fido-tool.py", line 136, in send_vendor
    raise CtapError(status)
fido2.ctap.CtapError: CTAP error: 0x33 - PIN_AUTH_INVALID

Tried with Linux/Windows, same issue ...

Questions about upgrade firmware and backup

Hi,
Firstly, let me express my gratitude for this project. I've got some questions about firmware upgrade and backup.

1. If I upgrade the firmware by BOOTSEL (the same way as the initial firmware download), what happens to the private keys/master key stored in the SPI flash? Will they be kept or everything just wiped out?

2. I'm using ver 5.8 firmware here but I see there is a ver 5.8 EdDSA firmware, can I upgrade my key with this EdDSA version directly?

3. I understand that the proper way to back up a key is to register a second key as backup.

But what if I save the content of the SPI flash by picotool or even just dump the whole flash content by hardware flash programmer and re-program it into another key's SPI flash? Can I get a duplicated key by doing this?

Thanks!

Help Needed setting up a Raspberry Pi Pico RP2040

Thanks for making this library open-source 🚀

I would like to start using it on my Raspberry Pi Pico RP2040 but I need some help identifying what I'm doing wrong.

Steps I've taken:

  1. I started by flashing my pico with the existing build pico_fido_pico-2.8.uf2
  2. The led starts blinking
  3. When I then start the registration process the LED goes off
  4. When I click the button nothing happens

I've tried at https://www.token2.com/tools/fido2-test/ and https://demo.yubico.com/webauthn-technical/registration

Can't use it to passwordless login to Google

I flashed the last firmware to a generic rp2040 and it works for 2FA when I need to enter my password and press a button, but every time I try to set up passwordless login, it asks for and sets a PIN, and sends credentials, everything seems fine, but when I try to log in using the passwordless method it accepts the PIN as correct but seems not to find credentials, doesn't ask to press the button and asks for a different key. When I try to do the same in the Yubikey playground it works perfectly.
I just don't get it. Should it work?

Pico-Fido on Android Smartphone

Do I have to consider anything if I want to use the pico fido on an Android smartphone?
Unfortunately, it is not recognised in my case. Neither with the original VID/PID nor with Yubikey 4/5 OTP+FIDO+CCID patched.
Do I have to pay attention to anything or is it generally not possible?

Which UF2 file?

Hey! This project is super interesting to me. I wanted to set it up, but I'm not sure which uf2 file to download. Are there instructions on how to choose the right one?

Unable to register FIDO2 credentials.

I have tested my Raspberry Pi Pico with https://webauthn.io, but it just isn't working.

I have already patched the .uf2 file with 234b:000, opensc-tool reports "No cards found" as well.

dmesg log:

[11890.475945] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[11890.475952] usb 1-1: Product: Pico Key
[11890.475957] usb 1-1: Manufacturer: Pol Henarejos
[11890.475961] usb 1-1: SerialNumber: E6614C30930D4C2C
[11890.483091] hid-generic 0003:234B:0000.0009: hiddev96,hidraw0: USB HID v1.11 Device [Pol Henarejos Pico Key] on usb-0000:00:14.0-1/input0
[11890.486215] input: Pol Henarejos Pico Key as /devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.1/0003:234B:0000.000A/input/input20
[11890.540834] hid-generic 0003:234B:0000.000A: input,hidraw1: USB HID v1.11 Keyboard [Pol Henarejos Pico Key] on usb-0000:00:14.0-1/input1

lsusb output (for this device):
Bus 001 Device 021: ID 234b:0000 Free Software Initiative of Japan Gnuk Token

It is definitely seeing the device, however it's just not able to register credentials for some reason.

Couldn't build correctly

When I tried to build this project, I got this error.

# someone @ someone in ~/code/build/pico-fido/build on git:development x [13:43:18] 
$ PICO_SDK_PATH=../../pico-sdk cmake .. 

PICO_SDK_PATH is /usr/share/pico-sdk
PICO platform is rp2040.
Build type is Release
PICO target board is pico.
Using board configuration from /usr/share/pico-sdk/src/boards/include/boards/pico.h
TinyUSB available at /usr/share/pico-sdk/lib/tinyusb/src/portable/raspberrypi/rp2040; enabling build support for USB.
BTstack available at /usr/share/pico-sdk/lib/btstack
cyw43-driver available at /usr/share/pico-sdk/lib/cyw43-driver
Pico W Bluetooth build support available.
lwIP available at /usr/share/pico-sdk/lib/lwip
mbedtls available at /usr/share/pico-sdk/lib/mbedtls
-- User presence with button:    enabled
-- Power cycle on reset:         enabled
-- OATH Application:             enabled
-- OTP Application:              enabled
-- Delayed boot:                 disabled
-- USB HID Interface:            enabled
-- USB CCID Interface:           enabled
-- USB VID/PID: 0xFEFF:0xFCFD
-- Configuring done (0.2s)
CMake Error at CMakeLists.txt:118 (target_sources):
  Cannot find source file:

    /home/someone/code/build/pico-fido/pico-keys-sdk/mbedtls/library/aes.c

  Tried extensions .c .C .c++ .cc .cpp .cxx .cu .mpp .m .M .mm .ixx .cppm
  .ccm .cxxm .c++m .h .hh .h++ .hm .hpp .hxx .in .txx .f .F .for .f77 .f90
  .f95 .f03 .hip .ispc


CMake Error at CMakeLists.txt:35 (add_executable):
  No SOURCES given to target: pico_fido


CMake Generate step failed.  Build files cannot be regenerated correctly.

Can anyone help to fix this error?

Ability to change pins for LED and Button

I'm trying to work out where the Hardware Abstraction Layer for choosing the button and LED pins lives, as I wish to break out both to external IO pins and use those elsewhere, and the Pi Pico board doesn't break out BOOTSEL or LED (GP25).

Which file or dependency are these defined in? I couldn't find it in this repo or the hsm_sdk one either.

Can't use pico-fido-tool.py

I'm getting the error "ImportError: cannot import name 'windows' from 'secure_key' (unknown location)" while using pico-fido-tool.py
Execution environment:
Git Branch: main
System Version: Ubuntu 22.04.3 LTS
Architecture: amd64
Python Version:3.11.6
Python Package:
fido2:1.1.2
cryptography:41.0.5

credential management fails

When using fido2-token to list / manage credentials stored, I'm receiving an error from fido2-token. Same command does work with a retail token.

fido2-token -L -r /dev/hidraw0

Enter PIN for /dev/hidraw0:
fido2-token: fido_credman_get_dev_rp: FIDO_ERR_RX

other info:

lsusb | grep HSM

Bus 008 Device 108: ID cafe:4231 Pol Henarejos Pico HSM HID

fido2-token -L

/dev/hidraw0: vendor=0xcafe, product=0x4231 (Pol Henarejos Pico HSM HID)

[Feature Request] - NFC Support

Not too sure I fully understand how fido keys work over NFC (13.56 MHz) but I did find this NFC rp2040 dev board that might be a good starting point for getting this functional:
https://thepihut.com/products/challenger-rp2040-nfc-with-antenna
I guess you would also need an NFC reader connecting to the computer to test it as well. Here are the ones that people with yubikeys say work:

I think it's anything with ISO 14443-4 (NFC-A) support, from my understanding.

Static password does not take into account the length

It seems for static password the length is limited to 8 characters:

$ ykman otp static  1
Enter a static password: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
Slot 1 is already configured. Overwrite configuration? [y/N]: y

Then pressing the button gives only bbbbbbbb

The same happens with password generation:

$ ykman otp static --length 24 --generate 1

Display Module for Raspberry Pi Pico + Implementation security

Do you think that adding a "Display Module for Raspberry Pi Pico" would solve the problem of having to keep the encryption key plain text?

If so, would you be able to point out which part of the code would require a change to wait on user's input?

pico screen

I'm wondering about making use of a screen and maybe a button which allows flipping between all the stored credentials, or maybe a password fill. Not sure how hard this feature would be to add.

Non-conformant implementation of supported algorithm search

I'm trying webauthn with EdDSA. I understand that pico-fido does not support this. But when sending a pubKeyCredParams list with both supported (ECDSA) and unsupported EdDSA for the makeCred operation, pico-fido returns error code CTAP2_ERR_CBOR_UNEXPECTED_TYPE. In my opinion this is not a conformant implementation. 6.1.2. authenticatorMakeCredential Algorithm states

If the values of any known members have the wrong type then return an error, for example CTAP2_ERR_CBOR_UNEXPECTED_TYPE.

My interpretation is that the types of the CBOR values are meant, not the values themselves. E.g. that an integer was expected but a string was provided. Also there is the Note

This loop chooses the first occurrence of an algorithm identifier supported by this authenticator but always iterates over every element of pubKeyCredParams to validate them.

This further supports my interpretation, that the loop is meant for choosing a supported algorithm, not for checking that all listed algorithms are supported. Can the implementation be changed to simply ignore the entries with unsupported algorithms?
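The pubKeyCredParams loop discussed in the issue above, as an added example in C (it is not code from pico-fido or from the issue's author). The decoded-value structs, the function names and the sample lists are hypothetical; the supported set mirrors the curves in the feature list, and returning CTAP2_ERR_INVALID_CBOR for a missing member is an assumption about which error an authenticator picks.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* CTAP2 status codes, values as defined in the CTAP specification. */
#define CTAP2_OK                        0x00
#define CTAP2_ERR_CBOR_UNEXPECTED_TYPE  0x11
#define CTAP2_ERR_INVALID_CBOR          0x12
#define CTAP2_ERR_UNSUPPORTED_ALGORITHM 0x26

/* COSE algorithm identifiers (IANA COSE registry). */
#define COSE_ES256  (-7)   /* SECP256R1 */
#define COSE_EDDSA  (-8)   /* treated as unsupported in this model */
#define COSE_ES384  (-35)  /* SECP384R1 */
#define COSE_ES512  (-36)  /* SECP521R1 */
#define COSE_ES256K (-47)  /* SECP256K1 */

/* Hypothetical decoded form of one CBOR value (assumption, not a TinyCBOR type). */
typedef enum { V_ABSENT, V_INT, V_TEXT, V_OTHER } vkind_t;
typedef struct { vkind_t kind; int64_t i; const char *s; } val_t;

/* One pubKeyCredParams element: {"type": ..., "alg": ...}. */
typedef struct { val_t type; val_t alg; } cred_param_t;

static int alg_supported(int64_t alg)
{
    return alg == COSE_ES256 || alg == COSE_ES384 ||
           alg == COSE_ES512 || alg == COSE_ES256K;
}

/* Validates every element, picks the first supported algorithm and
 * silently skips well-formed entries whose algorithm is unsupported. */
uint8_t choose_algorithm(const cred_param_t *params, size_t n, int64_t *chosen)
{
    int found = 0;
    for (size_t k = 0; k < n; k++) {
        const cred_param_t *p = &params[k];
        /* Required member missing: malformed element. */
        if (p->type.kind == V_ABSENT || p->alg.kind == V_ABSENT)
            return CTAP2_ERR_INVALID_CBOR;
        /* Wrong CBOR type (e.g. alg given as text): this is the case
         * CTAP2_ERR_CBOR_UNEXPECTED_TYPE is meant for. */
        if (p->type.kind != V_TEXT || p->alg.kind != V_INT)
            return CTAP2_ERR_CBOR_UNEXPECTED_TYPE;
        /* An unsupported value of the right type is not an error. */
        if (!found && p->type.s != NULL &&
            strcmp(p->type.s, "public-key") == 0 && alg_supported(p->alg.i)) {
            *chosen = p->alg.i;
            found = 1;
        }
        /* No break: later elements are still validated. */
    }
    return found ? CTAP2_OK : CTAP2_ERR_UNSUPPORTED_ALGORITHM;
}

/* Demo helper: returns the chosen COSE id (negative) or the CTAP status (positive). */
int run_case(const cred_param_t *params, size_t n)
{
    int64_t alg = 0;
    uint8_t st = choose_algorithm(params, n, &alg);
    return st == CTAP2_OK ? (int)alg : (int)st;
}

/* Constructed sample inputs. */
#define PK     { V_TEXT, 0, "public-key" }
#define ALG(a) { V_INT, (a), NULL }

static const cred_param_t MIXED[]      = { { PK, ALG(COSE_EDDSA) }, { PK, ALG(COSE_ES256) } };
static const cred_param_t ONLY_EDDSA[] = { { PK, ALG(COSE_EDDSA) } };
static const cred_param_t BAD_TYPE[]   = { { PK, ALG(COSE_ES256) }, { PK, { V_TEXT, 0, "ES256" } } };
static const cred_param_t NO_ALG[]     = { { PK, { V_ABSENT, 0, NULL } } };

int main(void)
{
    printf("EdDSA + ES256        -> %d\n", run_case(MIXED, 2));
    printf("EdDSA only           -> 0x%02x\n", run_case(ONLY_EDDSA, 1));
    printf("ES256 + alg as text  -> 0x%02x\n", run_case(BAD_TYPE, 2));
    printf("alg member missing   -> 0x%02x\n", run_case(NO_ALG, 1));
    return 0;
}
```

The third case shows why the loop does not stop at the first match: ES256 has already been chosen, yet the malformed second element still makes the whole request fail.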

Challenge Response Failed to connect

Using ykman in this reddit post:
https://www.reddit.com/r/KeePass/comments/opx34q/keepassxc_and_yubikeys_setting_up_the/
I'm getting the following response from the device:

# ykman otp chalresp -t -g 2
Using a randomly generated key (hex): 4e613cf377db2a67bfeebe9ba8b70d99f90daa99
Program a challenge-response credential in slot 2? [y/N]: y
ERROR: Failed to write to the YubiKey. Make sure the device does not have restricted access (see "ykman otp --help" for more info).

I'm using a Xiao Seeed if it matters.

Issue in pico-fido-tool.py

I am facing an issue using the pico-fido-tool.py file while executing the attestation command 'csr'. The exception below occurred during the execution of the Python file under the tools folder:

Traceback (most recent call last):
File "D:\IoT-Projects\fido-activity\pico-fido\tools\pico-fido-tool.py", line 475, in
run()
File "D:\IoT-Projects\fido-activity\pico-fido\tools\pico-fido-tool.py", line 472, in run
main(args)
File "D:\IoT-Projects\fido-activity\pico-fido\tools\pico-fido-tool.py", line 468, in main
attestation(vdr, args)
File "D:\IoT-Projects\fido-activity\pico-fido\tools\pico-fido-tool.py", line 438, in attestation
j = get_pki_data('csr', data=data)
File "D:\IoT-Projects\fido-activity\pico-fido\tools\pico-fido-tool.py", line 73, in get_pki_data
response = urllib.request.urlopen(req)
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\urllib\request.py", line 216, in urlopen
return opener.open(url, data, timeout)
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\urllib\request.py", line 525, in open
response = meth(req, response)
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\urllib\request.py", line 634, in http_response
response = self.parent.error(
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\urllib\request.py", line 563, in error
return self._call_chain(*args)
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\urllib\request.py", line 496, in _call_chain
result = func(*args)
File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0\lib\urllib\request.py", line 643, in http_error_default
raise HTTPError(req.full_url, code, msg, hdrs, fp)
urllib.error.HTTPError: HTTP Error 500: Internal Server Error

Tests not working from build

We downloaded the uf2 file from the release page onto our pico, and it seems to function as a key properly when registering the key with google. However, when running the tests, the key fails a lot of them. Are the tests all meant to pass when using the release image? Are the tests testing special features that need to be enabled?

  1. What are the tests testing for?
  2. Do they normally fail with the code built for a non-w pico?
  3. Some of the tests are encountering errors with the fido2 errors or errors with setting up the tests. Is there a dependency we are missing or a flag that needs to be set?

Nitrokey 3 secrets list name display error

secrets list name display error:

after the following modification, it will work normally:

pico-fido/src/fido/oath.c

Lines 290 to 293 in 7e2ecdb

res_APDU[res_APDU_size++] = TAG_NAME_LIST;
res_APDU[res_APDU_size++] = name_len + 1;
res_APDU[res_APDU_size++] = key[0];
memcpy(res_APDU + res_APDU_size, name, name_len); res_APDU_size += name_len;

Can't use pico-fido-tool.py secure function

An error occurred while enabling the secure feature using pico-fido-tool.py

Pico Fido Tool v1.5
Author: Pol Henarejos
Report bugs to https://github.com/polhenarejos/pico-fido/issues


Traceback (most recent call last):
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 469, in <module>
    run()
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 466, in run
    main(args)
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 458, in main
    secure(vdr, args)
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 416, in secure
    vdr.enable_device_aut()
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 375, in enable_device_aut
    ct = self.get_skey()
         ^^^^^^^^^^^^^^^
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 371, in get_skey
    ct = self.encrypt_chacha(self._get_key_device())
                             ^^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/Documents/pico/pico-fido/tools/pico-fido-tool.py", line 367, in _get_key_device
    return skey.get_secure_key()
           ^^^^^^^^^^^^^^^^^^^^^
  File "/home/user/Documents/pico/pico-fido/tools/secure_key/windows.py", line 44, in get_secure_key
    return get_d(key.encode())
                 ^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'encode'

Issue in Pico-fido-tool.py

I am trying to use pico-fido-tool.py file for accessing the pico-fido board with the pin and while doing so I am getting this error message
AttributeError: 'NoneType' object has no attribute 'capabilities'

Which part of the dongle i made defined the "key"?

Hello, thank you for making this wonderful project! It works really nice, and I love it so much!
I apologize for my stupid question, however I don't have enough capabilities to read complicated code, so I think it would be nice if you got spare time to simply answer this:

  1. Considering the hardware quality of dev-boards isn't always as good as real FIDO devices, I wonder which part really defines the "key" (aka the part that differs from other pico-fido dongles I make)? Is it the rp2040 board itself that defines the key (like an unchangeable serial number or something included in the rp2040 chip), or is the key included in the UF2 file?

  2. In other words, if I meant to make two identical dongles that can replace each other (just for example, I won't use it maliciously), would it make the two dongles totally the same if I put the same uf2 file on both of the dongles?

  3. Is there a way to back up the "key" in clear text so I can back it up on paper instead of saving some files?

(I'm not worrying that I leaked the "key" to hackers or something, since my account is not important at all. All I'm worried about is that someday the hardware breaks, and I lose access to my account, that's why I need to make sure I know a correct way to back up my "key")

Thank you in advance for answering my stupid question, and have a nice day!

Cannot generate ssh key

I'm trying to auth the ssh using pico-fido, but the key cannot be generated

$ ssh-keygen -vvvv -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug3: start_helper: started pid=14873
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: start_helper: starting /usr/lib/ssh/ssh-sk-helper 
debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: sk_probe: 1 device(s) detected
debug1: sk_probe: selecting sk by touch
debug1: ssh_sk_enroll: using device /dev/hidraw2
debug1: ssh_sk_enroll: fido_dev_make_cred: FIDO_ERR_RX
debug1: sshsk_enroll: provider "internal" failure -1
debug1: ssh-sk-helper: Enrollment failed: invalid format
debug1: main: reply len 8
debug3: ssh_msg_send: type 5
debug1: client_converse: helper returned error -4
debug3: reap_helper: pid=14873
Key enrollment failed: invalid format
$ ssh-keygen -vvvv -t ecdsa-sk -O resident
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug3: start_helper: started pid=14953
debug3: ssh_msg_send: type 5
debug3: ssh_msg_recv entering
debug1: start_helper: starting /usr/lib/ssh/ssh-sk-helper 
debug1: sshsk_enroll: provider "internal", device "(null)", application "ssh:", userid "(null)", flags 0x21, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: sk_probe: 1 device(s) detected
debug1: sk_probe: selecting sk by touch
debug1: ssh_sk_enroll: using device /dev/hidraw2
debug1: check_sk_options: option uv is unknown
debug1: key_lookup: fido_dev_get_assert: FIDO_ERR_RX
debug1: ssh_sk_enroll: key_lookup failed
debug1: sshsk_enroll: provider "internal" failure -1
debug1: ssh-sk-helper: Enrollment failed: invalid format
debug1: main: reply len 8
debug3: ssh_msg_send: type 5
debug1: client_converse: helper returned error -4
debug3: reap_helper: pid=14953

issue as yubikey5

I tried release 5.4 as yubikey5 (fw patched with portal https://www.picokeys.com/pico-patcher/): pico_fido_pico-5.4.yubikey5.uf2
I have Win10 (10.0.19045 Build 19045) and I'm using YubiKey Manager 1.2.5. The FIDO2 works as a passkey, but when I try to use the manager it sees the key but the items shown in the Applications menu are grey and the Interfaces menu does not work.
The app shows a message: "Make sure the application has the required permissions" (I ran it as Administrator). In user mode the app does not see the fidokey.

issue with rp2040-zero not work after restart

I tried to flash firmware for rp2040-zero and it works as "yubico neo", but when unplugged from USB and reconnected it does not restart. As mentioned in this forum, it can probably be solved by setting a variable: "This pico-sdk requires PICO_BOARD variable to be set to adafruit_feather_rp2040. By default, the sdk was using pico.h."
The yubico authenticator shows "webauthn" and "authenticator" functions but in this case shows a smartcard connection error.

Install aliexpress module -->> YD-RP2040 (vcc-gnd.com)

Hello. I want to use this firmware with a module from aliexpress called YD-RP2040 (vcc-gnd.com), it has an additional button and an RGB diode. The diode is the same as the waveshare RP2040-Zero only on a different port. How to adapt the firmware? I previously tried the firmware pico_fido_pico-5.8.uf2 everything seems to be working, except that you can’t select Upload in the YubiKey Manager in the Applications - Yubico OTP section, I get an error. And I don’t quite understand how to select the mode for generating a random password at the touch of a button. Please help me with any questions.

waveshare rp2040 zero: LED do not blink

Hi,

With the newest uf2 file, its LED didn't show anything.

GP 16 <-> DIN WS2812 RGB LED

And testing on demo.yubikey.com, there is also no reaction.

[15096.929257] usb 1-4: new full-speed USB device number 48 using xhci_hcd
[15097.081523] usb 1-4: New USB device found, idVendor=feff, idProduct=fcfd, bcdDevice= 3.04
[15097.081545] usb 1-4: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[15097.081552] usb 1-4: Product: Pico HSM HID
[15097.081557] usb 1-4: Manufacturer: Pol Henarejos
[15097.081563] usb 1-4: SerialNumber: ExxxA4931xxxxxxx
[15097.092666] hid-generic 0003:FEFF:FCFD.0015: hiddev1,hidraw4: USB HID v1.11 Device [Pol Henarejos Pico HSM HID] on usb-0000:00:14.0-4/input0

pid:vid not used during compile

Compiling pico-fido with PID/VID supplied via cmake still results in hard-coded PID/VID being used (cafe:4321) that is also different than documented PID/VID pair (FEFF:FCFD).

I lost access to my account in 2 acts

  • I use 2 factor authorization

  • Google recently added support for WebAuthn
    So I decided to connect it
    Then I deleted the key and rebound it to add support for WebAuthn

  • And after that. I can't get into my account...

  • The 2-factor authorization also does not work
