Two-Factor Auth app?


#1

Hi guys,

Are there any plans to bring a Two-Factor Auth (2fa) application to the phone? I’m not sure about other people, but this would be a dealbreaker for me (because of my work).

Thanks!

Diogo


#2

Someone after my own heart!

If you are referring TOTP-based 2FA or SMS-based 2FA then yes. As I’m sure you know, push-notification-based 2FA (like Duo for instance) is app-dependent. As U2F is also somewhat dependent on client-side support, I’m not sure whether the Librem 5 browser will support it out of the box or not (my hope is that it would but I don’t want to commit to something without knowing for sure).

My personal goal is to encourage people to use a hardware token to store the TOTP secret instead of storing the secret directly on the phone (there are already Linux applications for a number of these hardware vendors that do this). That way they can perform TOTP 2FA both from their phone and from their Librem laptop in a secure way that doesn’t expose the secret.


#3

Thanks, man! Yes, I’m interested in TOTP, more specifically. I do have a hardware token with me, but I learned the hard way to always have more than one device as a token provider, so that I don’t get locked out. What would be the TOTP-based 2FA solution you’re talking about?

Thanks!


#4

We are still in the process of deciding which TOTP implementation to default with so I can’t get too much more specific yet.


#5

Bump this topic as it is something I would like to see in Librem 5. Plan to use ProtonMail as primary and want two factor auth. Hope to sort this out before the phone arrives.


#6

Related: List of mobile Linux apps has

  • 1 in the category 2FA code generator
  • 2 in the category OTP generator