Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
briar
briar
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 694
    • Issues 694
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 16
    • Merge Requests 16
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • briar
  • briarbriar
  • Issues
  • #65

Closed
Open
Opened Dec 01, 2015 by akwizgran@akwizgranOwner

Two-factor authentication

Add optional two-factor authentication to the Android app via NFC -- to log in, the user must tap a particular NFC tag as well as entering their password. Data from the NFC tag is incorporated into the PBKDF. This prevents brute force password cracking if the Android device is captured but the NFC tag is not.

NFC tags may be readable at long distances, so this won't prevent password cracking by an attacker who can read the NFC tag in advance.

This is weaker than 2FA protocols based on public keys, such as U2F, but those require a trusted server that can deny access to the account if the signature doesn't match.

Edited Nov 21, 2020 by Cleopatra
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: briar/briar#65