Hey! I bought new Solokeys U2F Authenticator USB. Unfortunately I see that your apps doesn’t support it. In my opinion it’s great add to security and one more layer to two-way authentication
Info of those:
dongleauth[.]info, but I can’t link it lol.
This sounds a lot like smart card functionality, which I also want. I think there’s a couple of ways it can be done, one without even smart card functionality. One way is to implement support for OpenPGP card and allow for authentication via the authentication key slot. The other way is to allow for authentication via FIDO2 challenge-response and implement the behavior such that when that specific key is removed (every key has a unique ID), the vault is locked again. Both behaviors are platform agnostic, but the second won’t require gpg.