Two-Factor Authentication

[paragonie-scott]

Preliminary Requirements:

• Needs to work in a Tor-friendly environment, no metadata or real identity attachments like Google Auth
• Needs to work for people without special hardware
• Needs to be easy-to-use; not GPG-encrypted emails.

The end goal might end up being multiple 2FA options, with the Airship captain choosing which ones they want to support.

[alfiepates]

I'd suggest you support FIDO U2F. It's not ideal, it does require hardware, but that hardware is pretty damn cheap and readily available.

[paragonie-scott]

If "hardware" can also mean "smartphone" then that's acceptable.

[paragonie-scott]

FIDO U2F seems like a good idea, but I'm not holding 1.0.0 back on this.

[kelunik]

no metadata or real identity attachments like Google Auth

You mean no TOTP by that?

[paragonie-scott]

If we can exchange a shared secret between the server and U2F device without any service needing their real name or email address, that requirement is met.

[kelunik]

In that case TOTP is perfectly fine and compatible with Google Authenticator.

[paragonie-scott]

The good news is: this is getting bumped to version 0.3.0.

The bad news is: Version 0.3.0 is getting bumped down in time by, presumably, a few days.

[paragonie-scott]

It looks like Google Authenticator requires Base32 encoding. Luckily, we already have constant-time RFC 4648 encoding :)

[kelunik]

@paragonie-scott Right, and also supports just 6 digits.

[paragonie-scott]

94f03d6