Hi guys,
Are there any plans to bring a Two-Factor Auth (2fa) application to the phone? I’m not sure about other people, but this would be a dealbreaker for me (because of my work).
Thanks!
Diogo
4 Likes
Someone after my own heart!
If you are referring TOTP-based 2FA or SMS-based 2FA then yes. As I’m sure you know, push-notification-based 2FA (like Duo for instance) is app-dependent. As U2F is also somewhat dependent on client-side support, I’m not sure whether the Librem 5 browser will support it out of the box or not (my hope is that it would but I don’t want to commit to something without knowing for sure).
My personal goal is to encourage people to use a hardware token to store the TOTP secret instead of storing the secret directly on the phone (there are already Linux applications for a number of these hardware vendors that do this). That way they can perform TOTP 2FA both from their phone and from their Librem laptop in a secure way that doesn’t expose the secret.
4 Likes
Thanks, man! Yes, I’m interested in TOTP, more specifically. I do have a hardware token with me, but I learned the hard way to always have more than one device as a token provider, so that I don’t get locked out. What would be the TOTP-based 2FA solution you’re talking about?
Thanks!
1 Like
We are still in the process of deciding which TOTP implementation to default with so I can’t get too much more specific yet.
Bump this topic as it is something I would like to see in Librem 5. Plan to use ProtonMail as primary and want two factor auth. Hope to sort this out before the phone arrives.
1 Like
Related: List of mobile Linux apps has
- 1 in the category 2FA code generator
- 2 in the category OTP generator
1 Like
This would be awesome!
2 Likes
Glad somebody asked, I wanted to try out this one
mainly because I am capable of hacking pyhon.
1 Like
That looks very nice indeed, would be awesome if it runs on the L5. Good find.