Skip to content

[Enhancement] Provide CTAP 1/2FA. #7526

Description

@roke-julian-lockhart

My Proposal

Ideally, provide CTAP2 1FA, via FIDO2. However, U2F 2FA would be an improvement over TOTP 2FA, insofar as one remains able to have TOTP 2FA registered, when CTAP 1/2FA is (solely for use if CTAP authentication is not supported by the client).

My Rationale

FIDO2 1/2FA provides a significantly quicker authentication process, and provides significantly less chance of phishing, since the user cannot be convinced to enter a credential (although TOTP mostly solves that, too). However, TOTP doesn't provide secure 1FA.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions