Yubikey/U2F Key Support


(Nathaniel Suchy) #1

Would the developers of Discourse consider allowing us to use U2F Keys for 2-factor authentication?


(Jeff Atwood) #2

As I understand it, browser support is still too immature to do so. Feel free to cite relevant examples for Safari, Edge, Chrome, and Firefox.


(Sam Saffron) #3

Yes as far as I know only Chrome adopted this standard. I agree we got to wait here, or someone can build a plugin.


(Cameron:D) #4

Edge: The status of FIDO U2F in Microsoft Edge is Not currently planned - Microsoft Edge Development Not planned.

Firefox: Security/CryptoEngineering - MozillaWiki Supported in 57.

Safari: GitHub - Safari-FIDO-U2F/Safari-FIDO-U2F: FIDO U2F support for Safari. available via plugin.


(Gerhard Schlager) #5

It should be possible when WebAuthn is supported by major browsers. It’s already part of Firefox 60, will probably be in Chrome 67 and as far as I know it will be added to Edge and Safari in the near future.

https://www.w3.org/2018/04/pressrelease-webauthn-fido2.html.en


(Alex) #6

+1 I’d like to see U2F support as well.

Gitlab supports U2F by requiring users who want to leverate it to sign up for 2-factor authentication first… then if the user is unable to log-in via a U2F dongle (not accessible, browser lacks support, etc), they can do the normal authy/authenticator 2-factor.

U2F dongles are also getting cheap. http://a.co/8Q4C20f