Jump to content
Bill Rossum

Google Authenticator 2FA Implementation

Recommended Posts

Bill Rossum    0
Google Authenticator 2FA Implementation

Hi,

First off, I would like to start by saying I love the product and I use both the desktop and paid mobile version. I think it would be great if there was something built into Enpass that could replace Google Authenticator, something that is able to store your 2 factor authentication secrets, and then display and copy the codes. In the past when ever I've dealt with Authenticators, it has always been a struggle to keep the secrets synced between devices, and I know this is a strong point for Enpass. I think this could be a feature that would draw a lot of people to Enpass.

Thank you for your consideration.

Share this post


Link to post
Share on other sites
Ivarson    16

Just remember that storing your first factor along with your second isn't conscidered good practise.

The shared key for generating TOTPs is reversible to cleartext to (be able to sync ofc.). One could argue that its overkill to protect it further since its already within the vault which already is protected.

But still, having your one-factor vault compromised would result in breach for your two-factor logins, if stored together :-)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×