Support more types of devices (besides just TOTP) #23
Labels
Comments
Open
|
Updating the link since the old one no longer works: https://django-otp-official.readthedocs.io/en/stable/overview.html#plugins-and-devices We should focus on supporting Webauthn for this issue. I wrote about why in issue #59. It is a step up from OTP, since OTP is not as secure. I guess we would need different flows for users who wish to setup OTP versus users who want to setup FIDO2 U2F with webauthn. Webauthn should be able to handle both OTP and FIDO2 U2F though. |
|
As the description said it would be nice if you could configure whatever you wanted and django-allauth-2fa just used it, instead of being hard-coded to assume TOTP is the only type of device. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
django-otp supports at least TOTP, static, and HOTP. It also provides a separate packages for YubiKey and Twilio support.
We should figure out a way to make django-allauth-2fa check any appropriate 2FA systems when logging in, not just the totp devices. Some information about this is available in the docs: https://pythonhosted.org/django-otp/overview.html#plugins-and-devices
The text was updated successfully, but these errors were encountered: