Page MenuHomePhabricator

Support physical OATH/OTP devices
Closed, DeclinedPublic


Partially as a follow on to T150564...

It'd be nice, but would require a different workflow, to support hardware based OTP devices. Things like and even Yubikeys in a OTP mode

Event Timeline

Ciencia_Al_Poder renamed this task from Support phyiscal OATH/OTP devices to Support physical OATH/OTP devices.Nov 13 2016, 2:33 PM

Given the superiority of U2F I would decline this in favor of T100373: WebAuthn (U2F) integration for Extension:OATHAuth. There seems to be little point on owning a non-U2F-capable hardware token today.

Seeing as indeed U2F is the most universal tool in the shed at this point me too would favor to decline this and instead use T100373: WebAuthn (U2F) integration for Extension:OATHAuth. Since this would avoid developers for having to work with tons of device specific API's

I would also say go for U2F, but it should not be to difficult to support OTP devices too.

FWIW I've been using a Yubikey in OTP mode with OATHAuth for some time. That said I agree U2F is the way forward.