keechallenge icon indicating copy to clipboard operation
keechallenge copied to clipboard

Published 20 hours ago verified publisher icon brush701

Add U2F authentication

Open altsalt opened this issue 8 years ago • 3 comments

GitHub just got a lot of Yubikeys out there.

Thanks for supporting FLOSS crypto stuff!

altsalt avatar Oct 05 '15 04:10 altsalt

That's great news, thanks for the heads-up.

"While supplies last, GitHub users can purchase special edition U2F Security Keys for $5 plus shipping and handling" -- https://github.com/blog/2071-github-supports-universal-2nd-factor-authentication

They are talking about the "FIDO" U2F -- ~~a key that does not support "Yubikey OTP" which KeeChallenge requires~~. What would it take to add U2F support to KeeChallenge? I don't know. Here's an unofficial C# library to check out: https://github.com/brucedog/u2flib

robert-claypool avatar Oct 05 '15 19:10 robert-claypool

Correction: KeeChallenge does not use OTP (one time passwords). I was thinking of otpkeyprov which does.

KeeChallenge uses the HMAC-SHA1 Challenge-Response method, and I'm not sure if these $5 special edition FIDO keys can do Challenge-Response.

robert-claypool avatar Oct 05 '15 19:10 robert-claypool

The $5 special edition FIDO keys can not do Challenge-response. They support only the U2F standard.

spikebike avatar Jul 30 '16 01:07 spikebike