Allow using ONLY security keys as 2FA
I was very excited to see that security key support was added! Please now allow me to disable the authenticator app -- I only want my hardware keys as my second factor.
-
commented
Would be great to see them go beyond this and allow the use of WebAuthn or a passkey as a passwordless authentication method.
-
H commented
I would like to see security key support also. Proton could sell its own brand of security keys that are FIDO2 compliant and FIPS certified to compete with Feitian and Yubico.
-
JD commented
The fact that in order to have security key 2FA you need to also enable TOTP is terminally stupid.
Fix it.
-
Anon303 commented
so you use auth app for codes? why not use your hardware key for that job as well?
my yubikeys are both my hardware tokens and my authenticators.
even added my flipperzero as hardware token. just change away from the random app you are using and go to.
-
Miicat commented
Agreed - the security is as good as the weakest link in the chain (in this case TOTP, which is susceptible to man-in-the-middle attacks)
-
R commented
Agreed - it seems bizarre to support a high-security feature yet force us to maintain a weaker second factor.
I suspect they are concerned about users getting permanently locked out of their accounts when they lose their security keys.
It should be noted that iCloud now supports security keys only... and Google has done for a while.
I did note when installing a new Proton VPN client the other day that only TOTP was available; it didn't support security keys. So maybe they are still adding support into their software.
-
Proton User commented
Agreed - TOTP is susceptible to man-in-the-middle attacks.
There is an option to use either a hardware/passkey security key or TOTP when logging in via the web interface, but there's no option to use a security key from the iOS app.
-
Bob commented
Updoots here, was about to post the same thing. It's dumb and incredibly frustrating that we take good steps in terms of security and then hamstring them with arbitrary restrictions.