Moogle Stiltzkin wrote: ↑Fri Jul 05, 2019 9:39 pmwell titan had a small hiccup due to a flawTheliel wrote: ↑Fri Jul 05, 2019 8:41 pm +1
We definitely need support for FIDO U2F and FIDO2 (Webauthn). Its not about some specific Security key support like Yubikey/Titan, FIDO U2F like FIDO2 (Webauthn) are now standards, with FIDO2 we could even login in a passwordless environment. Both technologies are very well documented, standards, with a lot of ready-to-play code samples and should be "easy" to support, at least, of course, for Web Access.
SMS 2FA is fine, and TOTP is "perfect" for everyday use, but FIDO2 is the next step, much more secure, easier, faster...
https://www.wired.com/story/google-tita ... ecall-ble/
but ultimately the bug free version for these either titan or yubikey would be nice
Yes, among other things, it is one of the reasons that Yubico never launched a Bluetooth key, although he worked on it for a while. In addition to being more insecure and prone to failure, they require their own power supply.
Anyway, U2F/FIDO2 should be a must to have in present days if you need/want a secure environment