fido2support
-
I found another open source project that can help, built around passkeys.
https://github.com/teamhanko/hanko
-
Hello,
I just wanted to emphasise that this topic is super important.
Now that all browsers and the big tech giants support the topic, more and more websites are offering passkey as a secure and very convenient authentication method. At the latest after Amazon offers passkey as a password replacement (https://www.theverge.com/2023/10/23/23928589/amazon-passkey-support-web-ios-shopping-mobile-app), the topic has finally arrived on the broad market. I see two areas of interest for Cloudron here:
- Cloudron apps with keypass (as 2FA or also as 1FA)
- app for developers such as Hanko.io => https://forum.cloudron.io/topic/8375/hanko-io-fido2-webauthn-passwordless-login
-
Another alternative is passwordless.dev, I think.
-
Alright, I'm wondering what improvements have been made since this topic rolled out.
-
@crazybrad 1. Which app? And 2. That is really cool, man. Yeah, it does. I can't wait to see how this is going to go along with Cloudron. Not only that, I think it'll give Bitwarden's passwordless team a head because Cloudron is not large, but pretty good in size. If I were you, what I would do is have it to where all the user has to do is give the Cloudron dashboard the key, then Cloudron will do the other stuff unless required on the user's end.
-
@adisonverlice2 We have a proprietary application (not hosted on Cloudron). I have considered using Cloudron as the single source of authentication truth, but for various reasons, I will likely not go in that direction.
-
@crazybrad I see. That is very cool.
-
I just thought of another way to do FIDO support.
Have Cloudron users use something like Duo Security and then login can be done using FIDO along with other ways Cloudron does not natively support.
-
By the way, that link was a link from Security Now, a podcast I regularly listen to.
Here is the official Duo Security address.
My business has used it before, so I think it's pretty good at what it does.
-
@girish and @nebulon There's another resource like passwordless.dev that is maintained by members of the W3C and FIDO Alliance team that developed passkeys: https://passkeys.dev/ Even if it's tricky to implement passkey support for applications we host in Cloudron, being able to log in to the admin panel with a passkey would be massive as this provides the security of PKI encryption without the overhead nightmare of running a certificate authority.
It includes libraries and guides for thinking through the implementation. Mastodon handles are on the landing page, too, if you have questions. They maintain the site on their own to help orgs looking to adopt passkeys, and one of the maintainers is the author of SimpleWebAuthn (https://github.com/MasterKale/SimpleWebAuthn).
Bitwarden supports passkeys with their iOS mobile app now and in their beta Android app, and 1Password supports them in both mobile apps, so the ecosystem is at a point where there's full cross-platform support (except Linux dammit, but browser-based passkeys will work on Linux) and it's not just iOS or Chrome Password Manager.