Add Yubikey to XF 1.5 two-step verification

melbo

Well-known member
From this HYS thread: https://xenforo.com/community/threads/two-step-verification-and-security-improvements.99881
This is Great! :cool: (y)
I was just hoping the standard implementation would have support for Yubikeys already in it.
Google Authenticator doesn't work if you are traveling between different time zones.
Me and my mods use Yubikeys. Yubikeys are awesome, and so easy to use. They always work, also in different time zones.
I'm using an add-on for two-factor authentication now.
Agreed. I also use an addon for our Yubikey integration but would prefer to see it added to core 2FA

Please add Yubikey support as another method of 2FA
This addon is currently working well: https://xenforo.com/community/resources/freddyshouse-two-factor-authentication.1663/

Please like this post if you want to see this considered :)
 
Upvote 36
Also a problem, Chrome is the only browser supporting U2F...
I guess the other browsers will follow. For now only Chrome then. I use Chrome (y)

My (old) Yubikey Standard doesn't support U2F, but I agree U2F is a better way to go.
I also have a Yubikey NEO which I'm using most of the time.
 
The Yubikey standard is easy to implement, it supports all Yubikeys. U2F is a standard developed with Google and now maintained by FIDO, it supports modern Yubikeys and other devices. It is also very poorly documented and hard to implement.
 
The Yubikey standard is easy to implement, it supports all Yubikeys. U2F is a standard developed with Google and now maintained by FIDO, it supports modern Yubikeys and other devices. It is also very poorly documented and hard to implement.
I'm happy to see the yubikey standard
 
The Yubikey standard is easy to implement, it supports all Yubikeys. U2F is a standard developed with Google and now maintained by FIDO, it supports modern Yubikeys and other devices. It is also very poorly documented and hard to implement.

Still working on a Yubikey Addon?
 
i personally don't use this however i would love to see this implemented as any improvement that increases end user safety is welcomed by me :)
 
Still working on a Yubikey Addon?
It's on the list. U2F is a poorly documented protocol. It has a very detailed spec, not detailed usage information for developers though. I'd probably implement that over Yubikey's own, though. I'll probably look into it better in time.
 
The other addon used the the OTP (One Time Password) function of the Yubikey which was sufficient for us. I think it also had SSL yes/no and an option to use our own Yubikey OTP server or defaulted to using Yubikey's server for verification. Was pretty simple but an effective 2FA solution and alternative to Google Authenticator.
 
The other addon used the the OTP (One Time Password) function of the Yubikey which was sufficient for us. I think it also had SSL yes/no and an option to use our own Yubikey OTP server or defaulted to using Yubikey's server for verification. Was pretty simple but an effective 2FA solution and alternative to Google Authenticator.
That's easy.

I figured out U2F anyway. I'll get this out in a week or so, I suppose.
 
Can't wait! :) and I don't mind paying for this addon

This is great but we don't like branding and don't use enough of your addons to justify the monthly branding removal subscription.

Same here :)
I'll wait for robust his add-on.
 
Top Bottom