You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Consider: Could it be implemented as a 3rd party app using the REST API instead?
I want a option for a central function (login). No, it can not be implemented as a 3rd party app.
Pitch
I use a Solo Key as a security stick for "Two Factor Authentication" (2FA). This Stick has a PIN to secure one of it's functions (passwordless login with FIDO2) not used on Mastodon. For login into Mastodon I used only the Function 2FA (FIDO 1). Actual the implementation of 2FA in Mastodon asks in addition to password (knowledge) and the stick (ownership) for my PIN. For critical systems this additional knowledge is OK, but I recommend to allow the administrators or each single user to disable the PIN request.
In Github and Twitter the same key allows usage as second factor without inserting the PIN.
Alternatively, the pin request can be switched off completely.
Motivation
Reduces steps when logging in with security keys.
The text was updated successfully, but these errors were encountered:
Consider: Could it be implemented as a 3rd party app using the REST API instead?
I want a option for a central function (login). No, it can not be implemented as a 3rd party app.
Pitch
I use a Solo Key as a security stick for "Two Factor Authentication" (2FA). This Stick has a PIN to secure one of it's functions (passwordless login with FIDO2) not used on Mastodon. For login into Mastodon I used only the Function 2FA (FIDO 1). Actual the implementation of 2FA in Mastodon asks in addition to password (knowledge) and the stick (ownership) for my PIN. For critical systems this additional knowledge is OK, but I recommend to allow the administrators or each single user to disable the PIN request.
In Github and Twitter the same key allows usage as second factor without inserting the PIN.
Alternatively, the pin request can be switched off completely.
Motivation
Reduces steps when logging in with security keys.
The text was updated successfully, but these errors were encountered: