mailcow-dockerized icon indicating copy to clipboard operation
mailcow-dockerized copied to clipboard

Published 20 hours ago verified publisher icon mailcow

YubiKey and new TFA

Open markus-gitdev opened this issue 2 years ago • 3 comments

Summary

With the new TFA (that is also available for users, which is a great feature!) you now have to select which YubiKey to use to authenticate. Before the TFA update, it was only needed to touch any of the registered YubiKeys to authenticate.

It'd be great if there was just an option called "YubiKey" and this works as before (without the need of selecting the right key).

Motivation

Makes it easier to use.

Additional context

No response

markus-gitdev avatar Jul 14 '22 18:07 markus-gitdev

Yes, that should not have been changed. Can you check this @FreddleSpl0it

andryyy avatar Jul 15 '22 05:07 andryyy

@markus-gitdev do you mean Yubikey with Webauthn or Yubikey OTP?

For Yubikey with Webauthn: The thing is, the Browser needs to see some real user interaction to allow the call to navigator.credentials.get(). Before the update a user had to click on start validation.

FreddleSpl0it avatar Jul 15 '22 07:07 FreddleSpl0it

I meant YubiKey OTP. Webauthn still works as before.

grafik

As you can see there are 2 YubiKeys registered, but it would be great if it was merged with just "YubiKey", so you don't have to select a specific YubiKey - just like it was before.

markus-gitdev avatar Jul 15 '22 07:07 markus-gitdev

I'll close this since https://github.com/mailcow/mailcow-dockerized/pull/4685 got merged and available in the latest update (2022-08)

MAGICCC avatar Sep 01 '22 13:09 MAGICCC