From 9b0bd1a632371e4726fc9792b8cb1261593fa7dc Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Tue, 2 Oct 2018 08:39:31 -0400
Subject: [PATCH] only set compromised flag if counter is > 0

---
 src/Core/Identity/U2fTokenProvider.cs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/Core/Identity/U2fTokenProvider.cs b/src/Core/Identity/U2fTokenProvider.cs
index 632f8af082..e03efdcf41 100644
--- a/src/Core/Identity/U2fTokenProvider.cs
+++ b/src/Core/Identity/U2fTokenProvider.cs
@@ -174,7 +174,10 @@ namespace Bit.Core.Identity
             // Update database
             await _u2fRepository.DeleteManyByUserIdAsync(user.Id);
             key.Counter = registration.Counter;
-            key.Compromised = registration.IsCompromised;
+            if(key.Counter > 0)
+            {
+                key.Compromised = registration.IsCompromised;
+            }
 
             var providers = user.GetTwoFactorProviders();
             providers[TwoFactorProviderType.U2f].MetaData["Key1"] = key;