pikvm icon indicating copy to clipboard operation
pikvm copied to clipboard
verified publisher icon pikvm

Adding passkey support

Open panda2134 opened this issue 2 years ago • 2 comments

Is your feature request related to a problem? Please describe. Currently, if the user enables 2FA then a TOTP is required at every login. Given that some users do have access to devices that are more secure than an app-based 2FA code (e.g., security tokens like Google Titan or Yubikey), it would be great if PiKVM supports a passwordless login with those devices using a passkey.

Describe the solution you'd like Implement the passkey protocol and allow passwordless login with security tokens.

Describe alternatives you've considered Do not implement the passkey protocol, but allow using WebAuthn / Yubikey as an alternative second factor. That is, after providing the password, instead of typing in the 6-digit code at every login, the user interacts with a security token to prove their identity.

Additional context Try passkey at https://passkey.org. I'm personally interested in submitting a pull request on this if I have time.

panda2134 avatar Feb 21 '24 16:02 panda2134

Hello. I think it can be done, but most likely we will need a new plugin api for authorization inside KVMD.

mdevaev avatar Mar 14 '24 07:03 mdevaev