-
-
Notifications
You must be signed in to change notification settings - Fork 321
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FIDO U2F for multifactor auth? #145
Comments
@cboettig I always wanted to add a physical dongle with open hardware associated with LessPass. I did not know FIDO U2F before. I will look at it. Thank you for this request |
@cboettig we bought two FIDO U2F Security Key from Yubico to see if we can innovate in this area |
Hi. If I understand it correctly, this 2 factor authentication can be used for the database that stores metadata such as site name, username, and password options. I can't think of a way to use it for password generation which is the actually important thing in LessPass. Could you clarify that? |
Yes, you could imagine protecting your authentication to the LessPass Database with your key. I admit this is an area where we need to experiment to see what is possible. |
@guillaumevincent you can probably use RSA keys like Nitrokey Pro to store master password or to encrypt the password :) you can also look into OpenKeychain Android app, you can even sign into ssh with it :) with termbot |
I close this one for now |
In addition to the master password, I'd love to see support for FIDO U2F open authentication standard protocol for 2 factor authentication (e.g. see https://developers.yubico.com/U2F/Libraries/List_of_libraries.html for libraries.) Could this get on the roadmap?
The text was updated successfully, but these errors were encountered: