Fixed, thanks!
Took me a few glances to see the mistake 
After I used id.ai to log in to caffeine (I don’t know what happened exactly), all the Internet identities of this computer could not be logged in and could not be added again.
Are you saying that after registering in id.ai now you can’t log in to identity.internetcomputer.org?
I am currently unable to log in to https://identity.ic0.app/, https://id.ai/, or https://identity.internetcomputer.org/ using my current computer.
I also cannot recover access through other devices (it prompts that the account is already registered).
I’m not sure which event or action caused this situation, but I recall it started after using Caffeine on id.ai.
I can register a new identity, but I can’t use the old one.
1 Like
Hi @ysyms
Sorry for the incoveniences,
Can you share with me on a DM a screenshot of the problem you see when you try to log in https://id.ai/ and in https://identity.internetcomputer.org/?
Thanks!
This seems related to the authentication mechanism of identity.ic0.app.
The following is the process to reproduce the issue:
- I registered a new identity (ID: 2854601) on
https://identity.internetcomputer.org/. - When logging in to
identity.ic0.appusing identity 2854601, everything was normal. - Subsequently, I created another new identity (ID: 2854613) through
identity.ic0.app. - The problem occurred: I was unable to log in to
identity.ic0.appusing identity 2854613, and at the same time, the original identity 2854601 also became invalid, preventing me from logging in on any .
Thanks for the replication steps!
I was able to perform all the steps and I successfully logged in all the new identities I created and never had any issue.
You performed all these steps in the same device, right?
Could you to the Windows Security Center to check for passkeys for the domains “identity.ic0.app” and “identity.internetcomputer.org” and tell me whether you see any passkeys there? It appears that your computer is unable to find the passkeys when there are multiple ones…
Could you try creating two registrations in this standard website for passkeys: https://www.webauthn.me/ and let me know how it goes?
You also mentioned that you can’t recover. Do you mean using a seed phrase?
@lmuntaner on https://id.ai, There’s a console error when doing the following:
“Upgrade from legacy identity” → “Continue” → “Upgrade Again”.
Now i can’t login to ii.1.0 on any windows web browser . Is somebody experience the same?
1 Like
(the migrated one. I still can login to the fresh one i made)
okey, nevermind. some strange error. I regained access using the recovery phrase /sorry.
Not sure how to find that in Windows Security Center
Looks OK
When I restore, it will prompt that the device already exists.If I remove this device and add it again, it should recover normally
I am currently unable to log in with the identity registered on identity.ic0.app. It becomes invalid immediately after registration and also causes other identities to become invalid (but does not affect the passkey on https://www.webauthn.me/).
1 Like
every time i login to ii 1.0 i have to use recovery phrase, it doesn’t remember my device, always the same error
“““ Authentication Failed
Something went wrong during authentication. Please try again.
Error details:
Error: Failed to authenticate using passkey: Unknown error: NotAllowedError, user-agent: “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36”, is platform auth available: true “““
I’ve never had problems like this before. Permanently.
And when will there finally be basic security with a recovery phrase for ii.2.0 ?
Applications want to migrate …but obviously don’t want to take unnecessary risks.
1 Like
Hi @casualchess
A few questions to help me debug the problem
- Does your device work with passkeys in https://webauthn.me/
- Did you try with another browser?
- Did you try adding a new passkey?
Support for seed phrases is included in the roadmap and should be available soon, although I’m not sure exactly when.
- This website is a mystery to me. I created an account, but I’m lost. I don’t know where to check or set up passkeys. Do I need to create an app? How… I have absolutely no idea how to navigate it. I’d need step-by-step instructions on what to click and what to do.
- yes, i try every updated browser i have.
- i added new passkey using https:// identity .internetcomputer.org/
What I did:
a). Of course, I used the recovery phrase to log in to ii.1.0. It’s the only way every time.
b) When the “Remember this device to avoid losing access to your account again. What device are you using?” prompt popped up, I skipped it. I can’t remember because Windows eventually asks me to insert some security key, which I don’t have.
(This step is also a mystery to me. What “security key”?? some usb gadget which i need to buy first somewhere?)
c) Once I’m on the identity management page, I click add new passkey => then “or add passkey from this device.”
The first time, something must have been added (as Windows Hello) because I had 5 passkeys and now I have 6. But when I try to re-add it again, it asks me to enter my PIN as usual, then it says it will check the device mark and model. I agree, but then windows window asks me to insert a security key into the USB port, which I don’t have.
But as I said, I previously had 5 different passkeys, now I have 6 (two on identity. internetcomputer. org as Windows Hello). But it doesn’t work because after logging out, it still doesn’t remember my device, and error occure again.
Let’s continue in direct messages.
The next version of Kinic on the Chrome store is using II2! Thank you for the work 
Onboarding for us will be much easier 
4 Likes
So I just hooked up a custom domain to my caffeine site, and I notice some interesting behavior from II 2.0.
apparently if a user login by accessing the caffeine domain name it generate one principal.
if the user login from the raw canister url it generate a different principal (for the same II 2.0)
if the user login from the custom domain I attached it generates yet another principal ID.
so one user using the same authentication method generates 3 different principals for the same dApp. is this the intended behavior? theoretically if I had multiple domains that resolve to this canister would every single one generate a new principal ID?
2 Likes