Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Websites to include/update in the list #331

Open
KNTRO opened this issue Jan 19, 2023 · 6 comments
Open

Websites to include/update in the list #331

KNTRO opened this issue Jan 19, 2023 · 6 comments

Comments

@KNTRO
Copy link

KNTRO commented Jan 19, 2023

These are websites to be included/updated in the list at https://buybitcoinworldwide.com/dongle-auth/

  • accounts.firefox.com (supports OTP)
  • AnonAddy.me (supports OTP)
  • codeberg.org (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)
  • Crowdin (supports OTP)
  • Discogs (supports OTP)
  • e.email / murena.io (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)
  • Mailo (supports OTP)
  • Mastodon (now it also supports WebAuthn, FIDO2, U2F and multiple dongles)
  • MercadoLibre / Mercado Libre / Mercado Pago (supports OTP)
  • notabug.org (supports OTP)
  • Outlook.com / OneDrive (now it also supports WebAuthn, FIDO2, U2F and multiple dongles)
  • Plex (supports OTP)
  • Proton Mail (now it also supports WebAuthn, FIDO2, U2F and multiple dongles)
  • Proton VPN (supports OTP)
  • qiita.com (supports OTP)
  • simplelogin.io (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)
  • Vimeo (supports OTP)
  • WordPress.com (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)
@103058167
Copy link

@KNTRO This repository only looks at dongleauth.com, seems like that site has not been maintained for a while.
Seems like some of the update suggestions could be made here on dongleauth.com as well. Happy to submit a PR if you could give me some additional information about the documentation of each sites

@KNTRO
Copy link
Author

KNTRO commented Jan 19, 2023

@103058167 Sure!

I will include documentation for each website, next to its name/URL.

@103058167
Copy link

@KNTRO After having a closer look at the entry suggestions to be included, I can see that firstly the organization which you would like to include some lack documentation to suggest the support of WebAuthn, FIDO2, U2F or multiple dongles. I did some further search into some of the companies above but could find any

codeberg.org (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)
e.email / murena.io (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)
simplelogin.io (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)
WordPress.com (supports both OTP and WebAuthn, FIDO2, U2F and multiple dongles)

Some organization which you wanted to include only had OTP, which I didn't add because dongleauth.com should be more focus on security as apart to just OTP, So I didn't include them

Discogs (supports OTP)
AnonAddy.me (supports OTP)
Mailo (supports OTP)
notabug.org (supports OTP)
qiita.com (supports OTP)

As for updates, I will submit a PR of those organization that I could validate to be true and for some of you suggested changes have already been made and I did not touch them (not listed)

accounts.firefox.com (supports OTP)
Crowdin (supports OTP)
MercadoLibre / Mercado Libre / Mercado Pago (supports OTP)
Outlook.com / OneDrive (now it also supports WebAuthn, FIDO2, U2F and multiple dongles)
Mastodon (now it also supports WebAuthn, FIDO2, U2F and multiple dongles)
Vimeo (supports OTP)

If you do happen to find documentation supporting U2F for the first 4 companies listed, please post them here so I can I have a look at them

jans23 added a commit that referenced this issue Jan 23, 2023
@JeGr
Copy link

JeGr commented Jan 31, 2023

@103058167
If I may add to two of your four companies:

Codeberg: https://docs.codeberg.org/security/2fa/#step-2%3A-navigate-to-the-security-tab-and-click-on-the-enroll-button

The screenshot from step 2 clearly shows the ability to add hardware tokens that have the FIDO U2F standard. I agree the documentation is about TOTP but the screen (and account backend) show the ability to work with that.

As to simplelogin: They were integrated into Proton as part of Proton Mail. They can still function and have accounts not linked to proton, but have the same backend base now, so support TOTP and FIDO/U2F:

image

image

I also wanted to add, that as the list already has entries with TOTP only that others supporting OTP should perhaps be considered.

And last, I checked the list and found a few entries wrong that nowadays support at least OTP or more. Nintendo Account/Network or Playstation Network are two of them, that jump to my mind, as PSN for example enforces/strongly encourages the use of 2FA via OTP at least when setting up a PS5 and after the Nintendo Account problems with older devices (DS/3DS etc) they also enabled 2FA for their Nintendo Account for all newer devices (e.g. Switch, eStore etc.) that are now OTP backed. Ubisoft Connect (no longer Uplay) also supports OTP 2FA for at least a few years now.

Cheers :)

@103058167
Copy link

@JeGr Will create a PR for the first two entries discuss, and will update Nintendo and Playstation companies in the near future.

103058167 added a commit to 103058167/dongleauth that referenced this issue Feb 1, 2023
jans23 added a commit that referenced this issue Feb 4, 2023
Added Simple login and Codeberg Issue #331
@dayoko-online-planner
Copy link

Great project. Please add Dayoko to your task management applications. We will implement it soon.
https://dayoko.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants