U2F: Registration Failed 4

Error code 4 stands for DEVICE_INELIGIBLE which is defined here. I just tested the U2F login with my YubiKey NEO and it is working correctly.

Could you please try removing and registering the key again?

Thx for your reply. It works now, but it is a little bit tricky and not absolute user friendly. Let me explain:

I have a WP Multisite, which runs on example.com and I have 2 sub sites. One runs on sub.example.com and the other on example2.com.

If I register my YubiKey in my profile, this key is shown in my profile. Like you know, the profile is always the same and not linked to the site where I’m on. However, the YubiKey only works with that one site I was logged in while registering the key.

That mean for example, I am logged in at example.com and I register my key, so I can only login when I try to login via example.com/wp-login.php. The other two sites will give the Error Code 4.

Interestingly, I can register the same key multiple times. So I registered this key 3 times, one time on each site (main domain, new domain, sub site domain) and now the sign array holds 3 keys (one for each site) and I can log in no matter on what site.

So you see, in my profile 3 keys are listed, which are actually the same key. It would be nice if I only had to register the key once for a network. If that is not possible because of the protocol, maybe it is linked to the domain, it would be nice to see only the one key, which belongs to that site.

Thanks for the detailed feedback!

This is a known issue which has been documented here:
https://github.com/georgestephanis/two-factor/issues/102

The issue is with U2F standard and the AppId being associated with a particular domain. The Multi-facet apps approach might now work on sites with many sites.