-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for 2FA (OTP, U2F) #418
Comments
I assume this is for Invidious login, could you provide any more details on implementing them or what apps/devices they should be tested with? |
Well OTP is always probably the same. You can use a Nitrokey, Yubikey or also command line tools. |
+1 This will increase account security. I always like services that support OTP for accounts. If invidious gets hacked the passwords get leaked accounts are still secure due to 2FA. |
i want to ask if there is any news on this feature ? |
on the who, there is a library (MIT Licence) : https://github.com/lelag/otphp in php for doing OTP on login |
Unfortunately Invidious is programmed in Crystal so a php library won't be compatible. Fortunately there are libraries for this and I'll be working on implementing it very soon! |
There is a library for crystal here: https://github.com/philnash/crotp |
I'm aware. I'm currently just waiting for the maintainer to officially support Crystal 1.0 but I'll go ahead and fork it if needed. |
any news on this ? |
No, a PR #2254 is pending but we still don't have the time yet for finishing it. But if you want to contribute to the pull request you are free to do so :)! |
The PR is mostly done, but we first need a database migration framework. |
i'm open to help but i do not know anything on crystal, so i can't help for that, will simply wait just wanted to know if we can hope to see it soon for up to date instance or if i must continue without it for now).
Thanks for the answer ;) |
any news ? |
Please add support for OTP (HOTP) and/or U2F. I am sure there are some librarys for this.
I personally prefer U2F as second factor more than OTP.
The text was updated successfully, but these errors were encountered: