Feature Request: TOTP/U2F Two factor support

[betsythefc]

I think that Etesync 2.0 is great, with using a single password, but having a second factor would be awesome. I think the signing in to the account and the web client should have a configurable 2 Factor with TOTP/U2F. I think it would be useful to have both, as I know not everyone owns a Yubikey.

I also think that the apps need to support it as well, so that we cannot login without 2FA, if 2FA is setup.

[tasn]

Thanks for opening this ticket!

It's an often requested feature and we should be able to address this after EteSync 2.0 is out. We already built the infrastructure needed for this change. I personally think it's not as important for EteSync 2.0 as it is for non-encrypted services, because with EteSync 2.0 you don't actually log in by sending your password (as is common with every other service), but rather using a zero-knowledge-proof. This means that it's much less likely your password will be leaked. And if it is leaked, it means your encryption is compromised anyway (as the encryption material is derived from it).

With that being said, it's still a good additional layer of defence and we plan on adding it!

[catwithbanana]

Now that 2.0 is out, is there any timeline on adding 2fA support? Thanks!

[tasn]

No immediate plans, but happy to accept PRs! The problem is that it also needs to be supported across all of the apps, so it's quite a bit of work.