feature request: add 2FA, alternate log-in methods #36

Open
opened 3 months ago by localghost · 0 comments

There has been a recent request to the ops mailing list for 2FA. This has been requested in the services matrix channel a couple of times as well.

Some thoughts on possible delivery mechanisms:

  • TOTP - input code, login
  • login link is encrypted with pgp key / other key, displayed on webpage. user decrypts with their private key, follows link to login

Some bot/chat mechanisms might also be worth considering:

  • matrix - get login url from bot, login
  • xmpp - send login url from a xmpp bot (we have one at cyberia.top)
  • SMS - above bot is hooked into jmp.chat number, so can send login url by text messages or by voice calls as well.

Personally I think totp would probably be simplest.

There has been a recent request to the ops mailing list for 2FA. This has been requested in the services matrix channel a couple of times as well. Some thoughts on possible delivery mechanisms: * TOTP - input code, login * login link is encrypted with pgp key / other key, displayed on webpage. user decrypts with their private key, follows link to login Some bot/chat mechanisms might also be worth considering: * matrix - get login url from bot, login * xmpp - send login url from a xmpp bot (we have one at cyberia.top) * SMS - above bot is hooked into jmp.chat number, so can send login url by text messages or by voice calls as well. Personally I think totp would probably be simplest.
Sign in to join this conversation.
No Label
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Loading…
There is no content yet.