Comments (10)
I'd suggest you support FIDO U2F. It's not ideal, it does require hardware, but that hardware is pretty damn cheap and readily available.
from airship.
If "hardware" can also mean "smartphone" then that's acceptable.
from airship.
FIDO U2F seems like a good idea, but I'm not holding 1.0.0 back on this.
from airship.
no metadata or real identity attachments like Google Auth
You mean no TOTP by that?
from airship.
If we can exchange a shared secret between the server and U2F device without any service needing their real name or email address, that requirement is met.
from airship.
In that case TOTP is perfectly fine and compatible with Google Authenticator.
from airship.
The good news is: this is getting bumped to version 0.3.0.
The bad news is: Version 0.3.0 is getting bumped down in time by, presumably, a few days.
from airship.
It looks like Google Authenticator requires Base32 encoding. Luckily, we already have constant-time RFC 4648 encoding :)
from airship.
@paragonie-scott Right, and also supports just 6 digits.
from airship.
from airship.
Related Issues (20)
- PHP Warning: symlink(): File exists in /src/Installer/Commands.php on line 41 HOT 1
- Version 2.0.0 is postponed until PHP 7.2
- Version 2: Better Naming Conventions HOT 1
- Automated Vulnerability Scanning
- Deep Static Analysis and Unit Testing HOT 11
- Consistent Use of Regular Expressions
- Prevent super long email addresses
- For admins, the authors List should show yours first HOT 1
- Can't Install on CentOS 7? HOT 3
- Intent to Abandon Version 1 HOT 2
- Airship 2 doesn't see sodium from PHP 7.2 HOT 2
- "Outdated Version of Libsodium" notice from public/launch.php on PHP 7.2 HOT 4
- "Undefined index: email" when trying to launch airship HOT 3
- Keyggdrasil failed, Automatic update - signature failure, Call to undefined function textdomain() HOT 10
- Insecure links and loading HOT 9
- Tear Down Keyggdrasil, use a Chronicle Instead
- Non-Blocking I/O Servers Support ( Swoole, ReactPHP, Amp ... etc ) HOT 4
- Background on Codebase
- CSRF Array to String Error
- blank screen after creating account HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from airship.