|
|
Subscribe / Log in / New account

GitLab 10.0 Released

GitLab 10.0 Released

Posted Sep 24, 2017 13:03 UTC (Sun) by dsommers (subscriber, #55274)
In reply to: GitLab 10.0 Released by ms
Parent article: GitLab 10.0 Released

With U2F, the browser talks directly with the USB token - so neither you nor the the site implementing U2F authentication will ever have direct access to the key used to authenticate you. While with TOTP/HOTP "mode" is based on a shared key between user and server which is easily accessible at least when configuring it.

For U2F to function, the browser needs to support it. Google Chrome/Chromium supports it out-of-the-box, while with Firefox this add-on[1] works most of the time (not with Atlassian's login for some reaon)

[1] https://addons.mozilla.org/en-GB/firefox/addon/u2f-suppor...

More details on U2F can be found here:
https://developers.yubico.com/U2F/

to post comments

Firefox and U2F support

Posted Sep 24, 2017 16:13 UTC (Sun) by iarenaza (subscriber, #4812) [Link]

Firefox nightly already has beta support for FIDO U2F and AFAIK, the intention is to ship stable support in FF 57. If you want to keep an eye on this, follow https://bugzilla.mozilla.org/show_bug.cgi?id=1065729


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds