Two factor authentication (2FA)

Why not also support FreeOTP, FreeOTP+ or similar free software? Why rely only on Google authentication? Could not get 2FA working with FreeOTP. See also alternatives to Google Authenticator for Android, iOS. Also support for connected tokens (e.g. Yubikey or similar U2F compliant) would be appreciated.

3 Likes

I didn’t try it, but FreeOTP, andOTP,… are all using the exact same algorithm as Google Authenticator. I don’t see why it should work with Google Authenticator but not with the others.

I just tested it with andOTP, it works perfectly fine. A shame that a proprietary app is suggested though, perhaps we can find and correct this in the Discourse settings.

Found it and extended the text to refer to andOTP :slight_smile:

2 Likes

Just some background info: The algorithm used by all these mentioned apps is TOTP. It works offline and it does not matter what app you use.


> Also support for connected tokens (e.g. Yubikey or similar U2F compliant) would be appreciated.

While we are at it, YubiKey is not FLOSS. FLOSS alternatives are e.g. NitroKey, SoloKey (based on former U2FZero).
But, generally, yes, such a thing would be nice.

  • rugk [2018-10-10 23:24 +0200]:

> Just some background info: The algorithm used by all these mentioned apps is TOTP. It works offline and it does not matter what app you use.

Thanks for the info. But well, it’s still important for some people to
use Free Software apps where possible. Therefore I think the extension
of the text was important.

> Also support for connected tokens (e.g. Yubikey or similar U2F compliant) would be appreciated.

> While we are at it, YubiKey is not FLOSS. FLOSS alternatives are e.g. NitroKey, SoloKey (based on former U2FZero).
> But, generally, yes, such a thing would be nice.

Is anyone aware of native or addon features for Discourse which support
this?

Not yet, and I don’t think it will be possible for a plugin to provide it, it will have to be a feature built into Discourse itself. It will be U2F support when it appears.

Yep, see upstream discussion here:

Just tested it: Yubikey Neo works for 2FA with Discourse in TOTP mode. The authenticator app is BSD licensed.

Enabled two factor authentication and it works fine here too with andOTP