search

Bubka / 2FAuth

A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
https://docs.2fauth.app/
GNU Affero General Public License v3.0
2.3k stars 152 forks source link

Zero-knowledge database #291

Open azertylr opened 9 months ago

azertylr commented 9 months ago

Hello,

would it be possible to use a zero-knowledge architecture? So, even if the database and APP_KEY are compromised, the attacker cannot access anything.

kzshantonu commented 9 months ago

+1 encrypting with the user password would be nice

Stetsed commented 9 months ago

I found this project I this was basically my first question, for 2FA and password manager I assume no matter what that my server is compromised. So having the option to use ZKE would be absolutely great and would make this an instant use for me personally. I will have a look through the code base and see if it’s in my ballpark and see if I can maybe help :)