You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Universal 2nd Factor (U2F) is an emerging open authentication standard focused on scaling high security public key and 'smart card' technology to every Internet user.". Please see 1, 2 and 3 for more details on U2F.
Google is already using it for auth 4, stable release of chrome already support it and it is expected other browsers will add support soon.
I'd love to have U2F support on owncloud so I can, from time to time or in "emergencies", use a not trusted PC to login without having much risks (besides I can later change my password, but nobody can access without the U2F device meanwhile either, a big difference when auth only uses the password). And also, feel way more secure as brute force attacks (besides being mitigated with some tool, as I'm doing now) or replay attacks will not ever succeed.
Having OTP as fallback for situations where U2F is not supported would be nice too.
Can you please consider adding support for U2F ?
Thanks a lot,
Rodrigo
The text was updated successfully, but these errors were encountered:
"Universal 2nd Factor (U2F) is an emerging open authentication standard focused on scaling high security public key and 'smart card' technology to every Internet user.". Please see 1, 2 and 3 for more details on U2F.
Google is already using it for auth 4, stable release of chrome already support it and it is expected other browsers will add support soon.
I'd love to have U2F support on owncloud so I can, from time to time or in "emergencies", use a not trusted PC to login without having much risks (besides I can later change my password, but nobody can access without the U2F device meanwhile either, a big difference when auth only uses the password). And also, feel way more secure as brute force attacks (besides being mitigated with some tool, as I'm doing now) or replay attacks will not ever succeed.
Having OTP as fallback for situations where U2F is not supported would be nice too.
Can you please consider adding support for U2F ?
Thanks a lot,
Rodrigo
The text was updated successfully, but these errors were encountered: