(Yubico/Yubikey) Challenge-Response authentication

Hello,

Adding support for Challenge-Response authentication (to be used simultaneously with the existing password, maybe similarly to how KeePassXC has implemented it as a password booster) would greatly strengthen the security of the user’s password (weakest link by far) while also acting as a short of second factor.

The advancements in hardware keys and their rapidly increasing usage among users make this a very important feature to have. Please note that some hardware keys support NFC for mobile use, but in any case, this is primarily aimed for vaults that are not meant to be shared with mobile devices. Users can opt-in to protect specific vaults either without mobile support or by using an NFC key for mobile if that is required.

I see there was a mention before but I am not sure if it is on the roadmap. I think it should definitely be, please consider this important feature soon:

Any plan for supporting for two-factor authentication, based on hardware tokens?

I feel like cryptomator development is pretty much dead at this point, the few commits recently are mostly fixes for rare edge case and boring maintenance while the issues that interest me have been stale for 3-4 years and vet auto-closed for inactivity. I should probably start looking for an alternative or whip up my own solution based on rclone. You would think a promising, widely adopted project like this would get a little more love from its devs, after all 10€ per license and the supporter certificates as well as donations should be incentive enough :cry:

Look at this graph*: https://github.com/orgs/cryptomator/repositories

As you can see, there is a whole lot of activity. Development of Cryptomator is pretty much not dead at this point.

Of course, if you focus your attention on some issues that haven’t seen any activity for several years, I can understand your viewpoint. In that case, Cryptomator is probably the wrong product for you and you may whip up your own solution that fit your exact needs.

For all the other people, we’re still very happy to implement exciting features for Cryptomator and fix “boring” bugs.

2 Likes
© 2021 Skymatic GmbH • Privacy PolicyImpressum