Page MenuHomePhabricator
Create Task
Maniphest T150565

Support physical OATH/OTP devices
Closed, DeclinedPublic
Actions

Description

Partially as a follow on to T150564...

It'd be nice, but would require a different workflow, to support hardware based OTP devices. Things like http://www.usbtoken.ro/shop_en/otp-tokens-server-authentication and even Yubikeys in a OTP mode

https://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm#Implementations

Related Objects

Event Timeline

Reedy created this task.Nov 12 2016, 2:21 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 12 2016, 2:21 AM
Parent5446 added a subtask: T100373: WebAuthn (U2F) integration for Extension:OATHAuth.Nov 12 2016, 3:10 AM
Krenair subscribed.Nov 12 2016, 4:10 AM
Ladsgroup subscribed.Nov 12 2016, 2:49 PM
Reedy mentioned this in T150609: Support Yubikeys for 2FA on wikis.Nov 13 2016, 2:30 PM
Dereckson merged a task: T150609: Support Yubikeys for 2FA on wikis.Nov 13 2016, 2:31 PM
Dereckson added subscribers: Thibaut120094, Jules78120, Linedwell, Dereckson.
Ciencia_Al_Poder renamed this task from Support phyiscal OATH/OTP devices to Support physical OATH/OTP devices.Nov 13 2016, 2:33 PM
DaBPunkt subscribed.Nov 13 2016, 5:50 PM
Platonides subscribed.Nov 13 2016, 11:22 PM
TheDJ mentioned this in T150958: De-emphasize "mobile app" because there are other ways to use AOTH.Nov 17 2016, 2:31 PM
hoo subscribed.Dec 6 2016, 3:49 PM
Addshore subscribed.Dec 6 2016, 3:58 PM
Daylen subscribed.Jul 18 2017, 5:02 AM
FastLizard4 subscribed.Aug 11 2017, 12:08 AM
TheDJ merged a task: T177081: Allow 2FA using Fido Alliance devices (like Yubikey or Nymi).Nov 8 2017, 12:01 PM
Tgr subscribed.Nov 18 2017, 9:53 PM

Given the superiority of U2F I would decline this in favor of T100373: WebAuthn (U2F) integration for Extension:OATHAuth. There seems to be little point on owning a non-U2F-capable hardware token today.

Lars.Dormans subscribed.Mar 11 2018, 8:22 PM

Seeing as indeed U2F is the most universal tool in the shed at this point me too would favor to decline this and instead use T100373: WebAuthn (U2F) integration for Extension:OATHAuth. Since this would avoid developers for having to work with tons of device specific API's

jeblad subscribed.Aug 16 2018, 7:45 PM

I would also say go for U2F, but it should not be to difficult to support OTP devices too.

Krenair added a comment.EditedNov 5 2018, 5:03 PM

FWIW I've been using a Yubikey in OTP mode with OATHAuth for some time. That said I agree U2F is the way forward.

AfroThundr3007730 subscribed.Nov 26 2018, 1:09 AM
jeremyb subscribed.Dec 28 2018, 4:19 AM
Reedy removed a subtask: T100373: WebAuthn (U2F) integration for Extension:OATHAuth.Oct 16 2019, 2:30 PM
Restricted Application added a subscriber: Strainu. · View Herald TranscriptOct 16 2019, 2:30 PM
Reedy closed this task as Declined.Oct 16 2019, 2:30 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL