Security, account logins, 2FA, Hardware Key support
tracked
Paige Addams
It is wonderful we now have a strong implementation of 2FA support in both the viewers and the LL websites. To make the use of this easier without weakening security I would like to see support added for Hardware Keys such as Yubico and OnlyKey. This would allow users who wish to use a hardware key rather than entering a changing code. Depending on setup at implementation it is possible to make this more secure than is now and not make it more difficult or simply setup to be most flexible so providing support for this would provide a lot of flexibility. In addition, perhaps LL could become a partner of say Yubico (there are many others, but this is one of the most popular ones), perhaps even OnlyKey as well this would also provide another source of income for LL and make it easier for users that don't wish to find and purchase the key(s) themselves. Considering how many users are in SL this could be a massive deal for LL and companies they might partner with.
Log In
Maestro Linden
Merged in a post:
Add Yubikey support for MFA
Mister Acacia
If possible, include an option to use a Yubikey or similar device for multi-factor authentication. Such a token generator can be more convenient than an authentication app. On desktop/laptop one can connect the key via USB to send a token with a finger swipe. On mobile one can pass the key over the phone and authenticate via NFC. For me it would eliminate the step of launching an authentication app and trying to accurately copy the key into the viewer.
Unless this is already possible, then please document the setup procedure.
Thank you
Alisyn Baxton
Definitely voting for this! I use Yubikey constantly throughout the day for work, and don't mind extending it to SL. Allow the ability to register more than one Yubikey, too! (I alternate between two, one USB-A and one USB-C, depending on which computer I'm on at the time).
Alisyn Baxton
I just found this is a duplicate of the older https://feedback.secondlife.com/feature-requests/p/security-account-logins-2fa-hardware-key-support
Alisyn Baxton
Definitely voting for this! I use Yubikey constantly throughout the day for work, and don't mind extending it to SL. Allow the ability to register more than one Yubikey, too! (I alternate between two, one USB-A and one USB-C, depending on which computer I'm on at the time).
Zanya Resident
Seconded.
Zia Underwood
I like this even if both my yubi keys are just chilling on my desk collecting dust lol
Jessica Hultcrantz
Please consider support for yubikeys (plural). It would be beneficial for us who keeps a backup key at hand. Big companies like Google already support this.
Paige Addams
With 2FA via a hardware key like those I mentioned above we can have the same security we do now or better and beyond setup on the user end would only require pressing a button on the key or similar. We could authenticate daily increasing security and only need to press the flashing button like on yubi key for example. There is no down side. Providing this support is not so much for a specfic device rather more an industry standard depending on protocol used. I would not drop the software 2FA we have now because if someone loses their hardware key they can still get in remove the lost key and setup a new one. Some orginazations also provide recovery code in case a key is lost or damaged. Additionally, this could be another revenue source for LL either through sales an supplying, referral to vendors or something else.
Spidey Linden
marked this post as
tracked
Issue tracked. We have no estimate when it may be implemented. Please see future updates here.
Kathrine Jansma
It would be nice if it just supported either Passkeys and standard WebAuthn. Takes a little work to interface in the Viewer, but would be easy for the website.
Load More
→