Jump to content

U2F Support


Derick
 Share

Recommended Posts

I'm rolling out 2FA for our The password reset and password database.  Although some users are happy to use a mobile device others wanted us to provide a token.  Having looked at the ease of use for setup and use of U2F tokens I'd like to request u2F support.  We use Duo as our 2FA and the Duo API allows u2F tokens so I'm hoping it's not too complex.  Additionally the ease of use, single click for password resets, or 2fa to a stored database.  It's a sure way to encourage user enrollment.

 

Thanks


Derick

Link to comment
Share on other sites

  • 6 months later...

Firstly, it appears that entering a forum search for "U2F" does not return this post.  I only found it from a Google search result, and had to enter "Derick" to find the post.

 

If this feature would allow us to use YubiKey U2F, then I second the request - it would be very convenient.  We currently us it for AWS - enter username and password, click the button on the YubiKey, you're in.

 

...or, if this feature is already available, please let me know X-/

 

Cheers

Link to comment
Share on other sites

Dear Support,

 

where should we found the implementation for U2F?

There are only OATH(TOTP/HOTP) and yubico OTP, but no U2F or similar.

 

I asked some time ago, but got no answer from support

https://www.clickstudios.com.au/community/index.php?/topic/5232-full-yubikey-support-with-webauthn/

 

Best regards

Link to comment
Share on other sites

Thanks Martin, I was going to ask the same question.

 

Serves me right for not originally asking "if this feature is already available, please let me know where:rolleyes:

 

The OATH - HOTP option works well with a YubiKey if you have a spare "slot" in the key, but I suspect U2F would be preferable.

 

Looking forward to the CS response.

 

Cheers

Link to comment
Share on other sites

Hi Guys,

 

Hopefully I have not misunderstood what U2F is, with respects to Yubikey. Can you please have a look at the following:

By using the Yubikey OTP option, we can authenticate with a click on the button as you've mentioned La+zy - it autofills the OTP on the screen.
 

Regards

Click Studios

Link to comment
Share on other sites

Yep, what Martin said.

 

Using an AWS logon with U2F as an example:

  • Page 1: We enter the standard username and password, click Sign In
  • Page 2: We are prompted "Insert your U2F security key into your USB port, and then tap the button or gold disk", the YubiKey flashes, we tap the button on the key and we're in

It's not a huge thing, but it would simplify the use/management of our YubiKeys, assuming PasswordState could use the same U2F credentials in the primary YubiKey "slot".

 

Cheers

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...