U2F fido alliance

Have a great idea for extending Zimbra? Share ideas, ask questions, contribute, and get feedback.
User avatar
JDunphy
Outstanding Member
Outstanding Member
Posts: 319
Joined: Fri Sep 12, 2014 11:18 pm
Location: Victoria, BC
ZCS/ZD Version: Release 8.7.11_GA_1854.RHEL6_64.P7
Contact:

U2F fido alliance

Postby JDunphy » Sun Jul 29, 2018 6:43 pm

Does anyone know if Zimbra will support U2F or better yet FIDO 2 from the Fido alliance as one of the second factors at some point? I have a co-op student building us cheap u2f tokens for approx $4 each based on the u2fzero project and we are close to finished on the hardware side for her project. I still need to modify the code for some features we require and started to look into zimbra and what it would take. Anyone have anything to add on the difficulty of adding additional 2nd factors?... I saw the /opt/zimbra/docs/twofactorauth.md which is my starting point. Just curious if there is even a desire for this from the community???

For those that don't know, most browsers with the exception of safar now have native U2F support. The U2Fzero project uses a hardware secure enclave (ATECC508A) and is fairly immune to attacks even on machines with keyloggers and other malware installed.

Ref: ATECC508A and http://ww1.microchip.com/downloads/en/DeviceDoc/20005927A.pdf


Return to “Developers”

Who is online

Users browsing this forum: No registered users and 5 guests