(Yubico/Yubikey) Challenge-Response authentication


Adding support for Challenge-Response authentication (to be used simultaneously with the existing password, maybe similarly to how KeePassXC has implemented it as a password booster) would greatly strengthen the security of the user’s password (weakest link by far) while also acting as a short of second factor.

The advancements in hardware keys and their rapidly increasing usage among users make this a very important feature to have. Please note that some hardware keys support NFC for mobile use, but in any case, this is primarily aimed for vaults that are not meant to be shared with mobile devices. Users can opt-in to protect specific vaults either without mobile support or by using an NFC key for mobile if that is required.

I see there was a mention before but I am not sure if it is on the roadmap. I think it should definitely be, please consider this important feature soon:

Any plan for supporting for two-factor authentication, based on hardware tokens?

I feel like cryptomator development is pretty much dead at this point, the few commits recently are mostly fixes for rare edge case and boring maintenance while the issues that interest me have been stale for 3-4 years and vet auto-closed for inactivity. I should probably start looking for an alternative or whip up my own solution based on rclone. You would think a promising, widely adopted project like this would get a little more love from its devs, after all 10€ per license and the supporter certificates as well as donations should be incentive enough :cry:

Look at this graph*: https://github.com/orgs/cryptomator/repositories

As you can see, there is a whole lot of activity. Development of Cryptomator is pretty much not dead at this point.

Of course, if you focus your attention on some issues that haven’t seen any activity for several years, I can understand your viewpoint. In that case, Cryptomator is probably the wrong product for you and you may whip up your own solution that fit your exact needs.

For all the other people, we’re still very happy to implement exciting features for Cryptomator and fix “boring” bugs.


I’m a Cryptomator user’s for many years (nearly since 2017 I think), in conjunction with Owncloud. First I used Windows clients in conjunction with Android, and finally on Linux when I switched to it in 2019.
Cryptomator stay very simple and usable even for newbies, I love its simplicity. Stay like that, no need to complicate it.
However, and indeed, it could be great to add support for challenge-response hardware keys like Yubikey. I bought two of these and I think it’s a good thing. I keep on using Cryptomator a I would be glad to possibly use my Yubikey with it :wink:
Many thanks to the Cryptomator team.


1 Like
© 2021 Skymatic GmbH • Privacy PolicyImpressum