Page MenuHomePhabricator

Support physical OATH/OTP devices
Closed, DeclinedPublic


Partially as a follow on to T150564...

It'd be nice, but would require a different workflow, to support hardware based OTP devices. Things like and even Yubikeys in a OTP mode

Event Timeline

Reedy created this task.Nov 12 2016, 2:21 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 12 2016, 2:21 AM
Ciencia_Al_Poder renamed this task from Support phyiscal OATH/OTP devices to Support physical OATH/OTP devices.Nov 13 2016, 2:33 PM
hoo added a subscriber: hoo.Dec 6 2016, 3:49 PM
Daylen added a subscriber: Daylen.Jul 18 2017, 5:02 AM
Tgr added a subscriber: Tgr.Nov 18 2017, 9:53 PM

Given the superiority of U2F I would decline this in favor of T100373: WebAuthn (U2F) integration for Extension:OATHAuth. There seems to be little point on owning a non-U2F-capable hardware token today.

Seeing as indeed U2F is the most universal tool in the shed at this point me too would favor to decline this and instead use T100373: WebAuthn (U2F) integration for Extension:OATHAuth. Since this would avoid developers for having to work with tons of device specific API's

jeblad added a subscriber: jeblad.Aug 16 2018, 7:45 PM

I would also say go for U2F, but it should not be to difficult to support OTP devices too.

Krenair added a comment.EditedNov 5 2018, 5:03 PM

FWIW I've been using a Yubikey in OTP mode with OATHAuth for some time. That said I agree U2F is the way forward.

Restricted Application added a subscriber: Strainu. · View Herald TranscriptOct 16 2019, 2:30 PM
Reedy closed this task as Declined.Oct 16 2019, 2:30 PM