Yeah I wrote some code that got U2F support working through inside the OATHAuth extension, though I don't think it ever got to Gerrit.
On Tue, 14 Aug 2018, 10:31 Simon Walker, <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 12/08/18 17:47, Petr Bena wrote: > > Right now there are only two options for two factor > > authentication: > > > > * Don't use two-factor authentication (insecure) * Use two factor > > authentication (annoying as hell) > > Has any thought been given to supporting alternate methods of 2FA, > such as the FIDO Universal Second Factor (U2F)? > > These reduce the time taken to authenticate the second factor to a > couple of seconds (plug in, press one button), versus the smartphone > TOTP apps (unlock phone, open app, find right code in list, type it in). > > I'm aware there's a cost to the tokens, and I'm not suggesting there > be a requirement on them, just an optional alternate for those who > either already own one or are willing to spend around £10. > > GitHub and Google both support U2F as an alternate to TOTP, and either > method can be used when the second factor is required. > > > Cheers, > > Simon > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > > iQEcBAEBCAAGBQJbcqFdAAoJELPtp5HPJmI8+gYH/0LPkSS9Uz+yI5Cj5MdbKBR+ > OKesFIbFnNWR6DmBC8CteIItuCqAlopDQ4+GhTpcp3LTIDFE+tIJuDJWpX1l+Smg > GW0MQ6fj8ZUXETaFZeuEYKVBM6eD1t9c349H6Lv9zJEIUkvHlKq5rOgDijzMiVQa > aYNBzOrFovdFgbRqh6BfJqNnZJ1CH5cZcAANndzBuv3AzGel/iTxSHzZ36ypmXAu > wvbc8pJ9hWbVPPUwX8RIOmYKTUsfmLCzgySJMyMnkUJgRWB0h2ox1U3bszUZQzvD > uLUZMR8Hv6/oIB6fHr6NWbMDVCg13a10pHNak7fSrlE7h1WKIOwe12Ixw8muYJQ= > =y0jr > -----END PGP SIGNATURE----- > > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
