trezor-password-manager icon indicating copy to clipboard operation
trezor-password-manager copied to clipboard

Published 20 hours ago verified publisher icon trezor

Implement TOTP ("Google auth")

Open slush0 opened this issue 6 years ago • 3 comments

TPM can be easily turned into second-factor application like Google Auth:

  • Server-provided secret is encrypted via CipherKeyValue and encrypted data stored in TPM
  • New method in trezor-core will accept encrypted data and current timestamp (possible use of Roughtime?) and generate OTP to show on display.

That way Trezor works as common second factor (on services where superior U2F is not supported) and all OTP secrets are backed up in TPM, which solves common problem of losing server-provided secrets with losing mobile phone.

slush0 avatar Nov 06 '18 11:11 slush0

This would be an excellent addition!

nickels avatar Jan 11 '19 22:01 nickels

This depends on the firmware: https://github.com/trezor/trezor-core/issues/516

prusnak avatar Mar 26 '19 13:03 prusnak

I second this.

zsoltsandor avatar May 13 '20 03:05 zsoltsandor