Child Item

Non-resident passkey and U2F

I see dropbox has added resident passkey support for security tokens, however I cannot see any way to add a non-resident key to save valuable slot space on security tokens where entering a username/email first isn't an issue.

Google have done the same, but with their setup, if the token slots are full, they fall back to creating a non-resident passkey instead. Can dropbox do the same, or ideally ask the user before hand which type to make.

Secondly, I can no longer see a way to a security token as a U2F for doing 2FA rather than passkeys. My old token is still registered, but trying to add my new one, will just try to make a passkey instead which isn't possible due to full slots. It would be useful to still have the ability to register a security key for 2FA rather than always assuming passkeys, especially if the only option for passkey is "resident" keys.

Find more posts tagged with

Security

Account Settings

Two Factor Authentication

Disagree

Under Consideration

Accepted answers

Gary22

Free plan. Tried using Firefox and Chome on Windows.

I have just tried on Firefox on Linux (Debian so LTS version) and that produces a generic error when trying to add the key. Chome on windows tells me that the key is full (which it is, but then it should go with non-resident).

Chrome on Linux has worked fine, key is still full but it added as a non-resident/U2F key.

Both windows and Linux chrome are version 139.0.7258.155

Anyhow, I've added the key via Linux so all is good from my pov. It works fine to use on Windows just couldn't add it via windows.

You can ignore my original post as it seems DB have not blocked U2F in favour of only resident passkeys, it seems more a browser/OS issue.

All comments

Walter

Hey @Gary22 - thanks for taking the time to share your thoughts on this with us.

Just to make sure we're on the same page, can you clarify what Dropbox plan you're on at the moment, what device(s) and web browser(s) you're using, and send us a screenshot of the options you get when you try to register a new security key? Are you able to remove your old tokens to add a new one or not?

Any additional information is more than welcome.

Gary22

Free plan. Tried using Firefox and Chome on Windows.

Chrome on Linux has worked fine, key is still full but it added as a non-resident/U2F key.

Both windows and Linux chrome are version 139.0.7258.155

Anyhow, I've added the key via Linux so all is good from my pov. It works fine to use on Windows just couldn't add it via windows.

You can ignore my original post as it seems DB have not blocked U2F in favour of only resident passkeys, it seems more a browser/OS issue.

Walter

I see, thanks for the update and I'm glad you got it sorted in the end, Gary.

Let us know if anything else comes up and have a lovely weekend ahead!

Theresa

Hi @Gary22 and welcome to the Dropbox Community. It's really appreciated, you taking the time to share your feedback and questions around passkey and U2F support - it’s clear you’ve given this some serious thought, and we love hearing from folks who are exploring the more technical side of Dropbox.

I’m Theresa 👩‍💻, one of the community managers here at Dropbox. Since you’ve been digging into security and authentication, I’d love to know... do you have a favourite Dropbox feature that really stands out for you?

Looking forward to hearing more,

T 😺 (Dropbox Community Manager)