Jump to content
chribonn

Implement FIDO2 / SQRL 2FA to Login

Recommended Posts

Hi,

Can you consider adding support for 2FA functionality to log into Enpass.  Today they are protocols (I mentioned 2 in the subject line) that can be used.

This would allow first login into enpass without having to provide the 1st password.

Regards,

 

Share this post


Link to post
Share on other sites

Hi @chribonn

Thanks for the suggestion. Actually, Enpass is an offline password manager and doesn’t keep any of your information on any cloud/server. Two factor authentication is generally used in online services where the requested data is transmitted after validating the user through a second factor (generally an OTP on phone or email) and works as an extra protection, which is not at all required in case of offline services as your data is with you only.

Also, being offline is not a limitation of Enpass but gives you a peace of mind that your data is with you only. But to add extra randomness to your Master Password, you can use a KeyFile in Enpass. A KeyFile gets appended to your Master Password before the actual encryption or decryption of your data happens. So, even if someone, somehow gets access to your data and your Master password is also compromised (a worst case scenario), your data is still safe as the KeyFile is required to decrypt or access your data.

Share this post


Link to post
Share on other sites

Hello @Vikram,

I would like to experiment with the KeyFile functionality.  Do you have documentation I can follow to try this out?

With respect to SQRL this is an free open source method of user authentication.  I've attached a snapshot from the documentation.

Thanks

PS: Please note that I am not associated with this project in any way.

SQRL.PNG

Edited by chribonn
  • Thanks 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...