-
In the interest of user security, we would like to add 2 factor authentication to the API and Website. This should be handled in phases or steps (both for productivity and because the CLI will need wo…
-
I just got a u2f key and want to see what sites I use support them. A page listing only sites that support it, in one long list would be much easier to check through than going category by category.
-
I would like to see which sites supports TOTP
-
## Storyline
Add "extra security" with optional 2FA ~~based on U2F~~
## Libraries
There are existing node libraries for U2F:
- https://www.npmjs.com/package/u2f-api
- https://www.npmjs.com/pack…
-
Due to the current non-atomic way tf_totp secret and tf_primary method are updated it is possible to override the tf_totp_secret with a new unvalidated value by doing the following:
1. Start 2FA setu…
-
I'm in the works of making a [new version](https://github.com/Carlgo11/twofactorauth/tree/tfa_tag) of the API and YAML layout.
In the new layout I've moved all tfa method tags into an array. I'm also…
-
I have a few websites that I use that require a username, password, plus some other data to be able to log in. I can store them in KeePass as string fields on the Advanced tab and use Control-V to au…
-
Hello,
we've seen several people of the past year requesting a way to check if a site supports TOTP([RFC #6238](https://tools.ietf.org/html/rfc6238))(commonly referred to as Google Authenticatior) or…
-
## Description
When the uesrname is missing and the user clicks "Sign In" the application crashes with this backtrace:
```
Traceback (most recent call last):
File "freedomofpress/securedrop-…
-
Account compromise of the owner of a popular package on PyPI is something that would have pretty dire consequences. 2FA/MFA would be a big step to helping avoid this.
This would need to be implemente…