I’m not sure if this is being worked on or has already been suggested, but this seems to be a feature missing from Piefed. I personally used to use it when I was on Lemmy but haven’t been able to on Piefed. I understand if this is difficult to implement but I feel like it would be a good security feature that seems to oddly be missing from Piefed.
What about TOTP? Keepass*X supports them
Yes, that’s what I’m thinking of :)
Sorry, I don’t follow. There are issues with TOTP on Linux?
I thought you meant for example yubikey, where I could see the problem in the fact that it requires additional binary and maybe not every distro has it
But TOTP?
TOTP requires a 2nd device to be a 2nd factor, whereas many people want to use their phone with passwords synced.
Also, mabnually typing in numbers sucks.
That’s where WebAuthn comes in. Users couls, for example jus log in with a Nitrokey or Yubikey.
You can store the secret on the same device as password and it’ll still protect you from eavesdropped, leaked or guessed password
It’s not a 2nd factor if there’s only one place knowledge has to bde stolen from you.
That depends on the security vector one tries to secure. If my password manager DB gets stolen and password gets hacked - sure. But that is not the only threat one might want to use TOTP against. Even if my TOTP is on the same device as password, if someone manages to recreate my password or eavesdrops it or my password (but not TOTP secret) leaks, TOTP still guards my account