sakurity / securelogin

This version won't be maintained!
MIT License

Auth on device other than current device? #23

Closed wmertens closed 7 years ago

wmertens commented 7 years ago

I saw a mention of 2.0 working with desktop+mobile.

Will it be possible to designate a central device for 2FA? I imagine that all "slave" clients will somehow contact the "master" client so that you can authenticate there, or at least set up some sort of P2P replicated password vault?

homakov commented 7 years ago

Currently you log in with the same pw on desktop and mobile; you get the same profile and access to the same accounts.

In 2.0 it will be possible to sign transactions like money transfers (non-empty scope) on 2 devices using a central broker. It is only useful for websites with money and other critical functionality; that's why it will be implemented after some adoption is gained.

There's no need to doublesign login scope='', which is the main use case for now. We start with simple things.

deltaidea commented 7 years ago

It's already kinda like a replicated vault, in the sense that the same password will always generate the same exact key pair, which will log you into the same accounts.

The idea to store the key on a remote device is intriguing though. Would you consider that @homakov? Not doublesign, but signing remotely. Sort of like Kryptonite but for HTTP instead of SSH.

homakov commented 7 years ago

There are many interesting ways to make it more secure in depth. But the short-term roadmap is huge. Will get back to it.

homakov commented 7 years ago

Closing now; signing is only possible on the same machine.