WebAuthn support in GUI #8409
Comments
emlun
added
enhancement
|
Thank you for offering an actual contribution instead of just asking for a feature, that's great! I personally would welcome the addition, but it is also a bit risky to allow this one technology, as some people may argue that if this is accepted, other solutions should be integrated as well and we don't want feature creep. But OTOH we already have LDAP as a special case and at least WebAuthn is an open, widely available standard. Please do open a PR where we can discuss the implementation. |
|
Great work and kudos to emlun! WebAuthn is a fantastic addition to SyncThing as the current basic authentication is EXTREMELY outdated for such a great tool. Will be testing once first beta is available. |
|
I would like to do some testing on Webauthn support and provide feedback. I downloaded the latest development build (syncthing-windows-amd64-v1.20.4-rc.1.dev.7.g34a5f087.zip) from the build server last night and replaced my syncthing.exe (Windows) but did not see the new options in the GUI. Would you let me know how to enable for testing? Perhaps I downloaded the wrong build? Thanks. |
|
It's not merged yet. You can follow the development here: #8417 |
|
Thanks. Will monitor and test once it's merged. Joe |
|
What is the current status of the development work on Webauthn support? Still don't see this in the development or beta builds. Has development stalled? Would like to help out where we can to move this along. Be happy to test, provide feedback and work on documentation updates if we can get an early build (Windows). |
|
As you can see, the PR is still in a WIP state. If you want to test it now, you'd need to clone the PR author's Syncthing repository, compile Syncthing from the |
|
Any movement on adding WebAuthn support? Still would love to test and help out! Thanks |
|
Emlun - Thank You for the update. We stand ready to perform testing and feedback on all the various Windows client and server builds using all the major browsers once a beta build is available. Much appreciate your work as this will add some long overdue polish to the front-end of Syncthing, along with the security benefits which WebAuthn brings. |
I would love to see the GUI support WebAuthn as an alternative to password authentication. Although the Syncthing GUI perhaps doesn't need the strongest security since it's typically not exposed to the whole internet, WebAuthn can still offer a much more pleasant user experience than passwords for those users that prefer it. Personally I use a password manager protected by a YubiKey, and it's rather annoying to have to take the detour through the password manager when I could just tap the YubiKey instead - especially when accessing the Syncthing GUI remotely on my phone, I wouldn't have to switch back and forth between apps to retrieve a password.
I have a working, fairly polished implementation ready, though I expect it'll take a bit more work for it to pass review (most notably, I haven't added any tests yet). Shall I open a pull request, or would you like to discuss it some more first?
The text was updated successfully, but these errors were encountered: