Chromedriver disables Trusted Platform Module (TPM)

Enricoys · Post by **Enricoys** » Mon Oct 21, 2024 7:44 am

I use Chromedriver for an application where 2 factor authentication (2FA) is required at log in. This application allows the use of Trusted Platform Module (TPM) as 2FA. With the normal use of Chrome this works fine. No input is required since Chrome recognizes the hardware automatically because of the TPM. The only thing I had to do is to register my device once as Trusted Platform in this application. However, when I use Chromedriver my computer is not recognized anymore as Trusted Platform and moreover it is not even possible to register a device in the application (this option is grayed out). It seems that Chromedriver disables the use of TPM.

I have looked for a startup option for the Chromedriver to solve this. Nothing found. Furthermore I tried to find an option in the Chrome settings without any result.

Dorian (MJT support) · Post by **Dorian (MJT support)** » Mon Oct 21, 2024 9:49 am

Our hunch here is that ChromeDriver will not allow selenium to automate a chrome session that requires a hardware security method - for security reasons.

Enricoys · Post by **Enricoys** » Mon Oct 21, 2024 10:38 am

Thanks for you quick reply Dorian.
The strange thing is that a Security Key is actually accepted by ChromeDriver as a hardware security method in this application, however this requires a physical push on the button of the Security Key which makes it useless for Robotic Process Automation.
Up till now we could use SMS as 2FA for this application however this is going to be depreciated sone. It is unfortunately not possible to switch off 2FA for this application. All other methods of 2FA requires user interference (QR-scan, push button, NFC contact, PIN-code on mobile phone). It would really be a big issue for us if we can not log in automatically since this needs to be done 30 times per day. I also expects that those kinds of forced 2FA is going to me more normal for other applications since security becomes more and more an issue. The problem would also be solved if I could find a Fido U2F Security Key without the requirement of physical input (i.e. button, finger print). After a thorough Google search I think that those simply do not exist.

JRL · Post by **JRL** » Mon Oct 21, 2024 3:59 pm

I know nothing about this device. May not work but maybe there's something similar out here that will work. Just a thought.

https://www.amazon.com/Pankia-Physical- ... r=8-1&th=1

Grovkillen · Post by **Grovkillen** » Tue Oct 22, 2024 1:45 am

If it's a button and you're able to solder some wires onto it you could use a USB HID relay. I've used this approach before:

https://github.com/pavel-a/usb-relay-hid

https://a.aliexpress.com/_EzDyCKd

I've used it to reboot devices during flashing of software (at our company).

As seen here, open up the dongle and you'll find some pcb with short curcuit pads to solder onto: https://core-electronics.com.au/fido-u2 ... urity.html

Enricoys · Post by **Enricoys** » Tue Oct 22, 2024 7:47 am

Thanks JRL and Grovkillen for those creative ideas. I still hope someone comes up with a way to use Trusted Platform Module in combination with ChromeDriver since this 2FA does not need any physical interaction.

Grovkillen · Post by **Grovkillen** » Tue Oct 22, 2024 9:44 am

I understand your point but that leaves you playing the waiting game.

Chromedriver disables Trusted Platform Module (TPM)

Chromedriver disables Trusted Platform Module (TPM)

Re: Chromedriver disables Trusted Platform Module (TPM)

Re: Chromedriver disables Trusted Platform Module (TPM)

Re: Chromedriver disables Trusted Platform Module (TPM)

Re: Chromedriver disables Trusted Platform Module (TPM)

Re: Chromedriver disables Trusted Platform Module (TPM)

Re: Chromedriver disables Trusted Platform Module (TPM)