rugk

Ah, yes that's what I mean. Nevertheless it won't work on mobile devices.

> For me, there's absolutely no way I'd be willing to grant this permission to any app. For me that would be fine given such an explanation of a usage...

Well… yeah, good idea. Given the cited key (SoloKey) now has [the v2 campaign running](https://www.kickstarter.com/projects/conorpatrick/solo-v2-safety-net-against-phishing), here are some more details on how that would have to be implemented: In contrast...

Also I'd propose to rename this issue to a more accurate title like "Add support for hmac-secret FIDO2 extension".

> IMO, the main purpose of this would be to have compatibility with other KeePass programs, such as KeePassXC for desktop, which uses HMAC-SHA1 for YubiKeys (and OnlyKeys too). That's...

Note that on Android by default all apps/browsers seem to depend on Google Play Services (yet again :roll_eyes:) for FIDO2/WebAuthn to work/use that implementation. A feature request for implementation at...

For the reasons given by @buckket I'd close this a dupe of https://github.com/Kunzisoft/KeePassDX/issues/8. Or basically, not implement it. The point of 2FA is a second factor. I think #805 (and...

Well… fair point. Though one solution would be to always go the safe way and use your FIDO-key also for the mobile. Also I'm quite unsure whether this would even...

> FIDO2 authentication using this - https://www.theverge.com/2020/6/24/21301509/apple-safari-14-browser-face-touch-id-logins-webauthn-fido2 Note that this uses passwordless login, i.e. FIDO2 with two factors, the TPM (something you have) and face/fingerprint authentication (something _you are_). In...

It does not require an internet permission. As you said, as a file saving etc it is perfectly acceptable. Syncing or whatever is needed to sync the files may be...