Passkey as 2FA and/or passwordless account #474
blackxored started this conversation in Ideas
Replies: 0 comments
Might be mixing two into one here, sorry for the very brief summary.
I would like to get rid of TOTP as they're to my understanding inherently less secure than passkeys and hardware keys (phishable if you're tired, shared secret stored on server). Currently ForwardEmail supports passkeys but only for login. If I disable TOTP then I'm left with an account where only a password is needed to sign in, worst case.
I would like passkeys (with the requirement to have to enter a PIN on the device, FIDO protocol stuff I don't know about) to be used as my sole 2FA if password is absolutely required, or:
Completely remove the password from my account like Microsoft does and have passkeys be the only method through which I'm able to log in.