This is just a feature request, but I primarily use U2F for two factor. Would it be possible to do this, especially since both the browser (Firefox with Addon, Native in Chrome) and local access with Golang is possible?
Will keep this open for future OSS contributors.
Since there is no go library to interface with U2F keys yet, would it be acceptable to implement the commandline client side with the libu2f-host C library or the u2f-host program included in libu2f-host?
@jcj83429 this would be a nice feature so we're not closing the issue, but keeping it open for 3rd party contributors.
@alchar, @bibekaur, @jdahiya and I are university students and we will be adding U2F support to Gravitational Teleport for a computer security course project.
@jcj83429 awesome! Thanks for your help.
For U2F login, would it be acceptable for the authentication to fail before requesting a signature from the U2F key if the password entered is incorrect or should we wait until we get a signature from the U2F key before we announce whether the password was correct?
Failing before the token is the pattern of Google, etc. so I think it's fine.
On Oct 13, 2016, at 10:10 PM, jcj83429 [email protected] wrote:
For U2F login, would it be acceptable for the authentication to fail before requesting a signature from the U2F key if the password entered is incorrect or should we wait until we get a signature from the U2F key before we announce whether the password was correct?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
consider it implemented
Most helpful comment
@alchar, @bibekaur, @jdahiya and I are university students and we will be adding U2F support to Gravitational Teleport for a computer security course project.