search

bartnv / twofactor_webauthn

Roundcube plugin for FIDO2/WebAuthn 2-factor authentication
GNU General Public License v3.0
30 stars 7 forks source link

Passkey Support #21

Open jbacksch opened 1 year ago

jbacksch commented 1 year ago

Hello,

it would be nice to support the Chome, Edge, Safari Passkey feature. Thank you very much.

Regards Jörg

bartnv commented 1 year ago

I may add passkey as an alternative to a security key for 2FA, but I probably won't be able to support them as single-factor auth (as they are intended). The reason for this is that Roundcube needs your IMAP password to log into the backend server. If we were to replace that password with another authentication method then we'll need to store that password somewhere serverside. This isn't something that's supported by Roundcube natively (even the remember-me functionality, which uses something like this, is a third-party plugin). I'm very reluctant to play around with encryption schemes to make this work.