jans23

> Basically, I don't know if dex itself should implement this. Second factor auth is usually triggered by special events, such as logging in from a new device, a new...

> The Nitrokey devices and the NetHSM don’t have any shared features, and NetHSM won’t be supported by libnitrokey, right? That's correct. > In this case, a separate application would...

Potentially [PKCS#11 NG](https://doc.primekey.com/ejbca/ejbca-integration/hardware-security-modules-hsm/generic-pkcs-11-provider) would be a solution.

I think sooner or later there will be some Windows users who prefer nitrocli over GUI. I see your point. So let's wait until such demand emerges and perhaps a...

Nitrokey FIDO U2F are available since November 2018.

@hillbrad Please let me know if you want a free Nitrokey FIDO U2F to test it for this review.

@hillbrad Ping. Could you add Nitrokey FIDO U2F to the review, please?

Please try [updating](https://docs.nitrokey.com/nitrokey3/linux/firmware-update) your Nitrokey 3.

It would be great if this could go into the upcoming NC release. Any chance? The reason why Firefox behaves differently than Chorme is that it doesn't support WebAuthn yet...

Yes, just trusting an own request is insufficient. The response needs to be checked if a PIN had been used or not. See [the article linked here](https://github.com/nextcloud/server/issues/21215#issuecomment-1286724972) for more details.