Solved Two Factor Authentication Scheme for Vivaldi.net Account
-
@fvdhorst 2FA/FIDO2 is in pipeline, no progress for a release.
-
thanks, keep my fingers crosssed
greetings -
Wow...now in Progress
-
I do not know why this should be "In Progress", i do not see progress in bug tracker on 2FA/FIDO for vivaldinet.I was wrong. See post https://forum.vivaldi.net/post/561672
-
@doctorg
perhaps some magic behind thescenesbugs -
I asked a web backend dev now, and he said: It is really In Progress
That is all i am allowed to tell.
And yes, i am curious too, what will come, and sorry, i can not test internally the 2FA of vivaldinet. -
Absolutely a must and a priority. Given the forward-thinking/cutting-edge nature of Vivaldi, its userbase, and the fact that Vivaldi services include e-mail I can hardly believe this was not implemented from the very beginning.
Two-factor verification should allow for the use of TOTP codes, registering two U2F hardware keys (one for backup), and optional switch-on secondary 2FV Vivaldi mobile app integration
(In other words, after using TOTP/U2F to login to Vivaldi services on your mobile app any subsequent logins can be confirmed by a mobile app sending you an "is this you?" pop-up; this could also be a six digit code as well--see Telegram implementation of additional logins to understand what I mean.)
As NFC becomes more ubiquitous it could be equally easy to simply tap your hardware key rather than press OK on your mobile device (depending on where either happens to be at any one point in time) so all options should available.
-
Vivaldi Mail 1.0 has been officially launched and still no 2FA?
Probably a joke.
No Vivaldi mail for me and it also means that security is clearly not a priority for the Vivaldi team. -
We're actively working on it, but as you can log in to many different services with a Vivaldi account (Sync, Webmail, Forum, etc.), we need to make sure 2FA works with all of them on both desktop and mobile. In addition, we want to support 2FA both with TOTP and hardware keys, so that takes some time as well.
-
@jane-n said in Two Factor Authentication Scheme for Vivaldi.net Account:
2FA both with TOTP and hardware key
Then you will get a happy Nitrokey user, me. ️
-
2FA is urgently needed. I don't like to change my password every week. This is discussed for over 2 years now, and I think it's time for a release..
-
@thomasbeling Hello, a just a bit further up in the topic is a comment by one of our team members saying this is something we're actively working on and explaining a bit about the process. If you've not read it yet, it might help you tide yourself over until we're able to release.
-
@thomasbeling said in Two Factor Authentication Scheme for Vivaldi.net Account:
I don't like to change my password every week.
2FA or not, you shouldn't be doing that anyways. Changing a password so regularly is counterproductive and a complete waste of your time.
Sources:
- Frequent password changes are the enemy of security, FTC technologist says - Ars Technica
- Microsoft says mandatory password changing is “ancient and obsolete” - Ars Technica
- Stop Changing Your (Strong, Unique) Passwords So Much - PCMag
- Should You Change Your Passwords Regularly? - How-ToGeek
And a relevant XKCD comic.
-
@jane-n More important to get some 2FA rolled out, say TOTP, then add support for hardware keys later.
-
@jane-n When can we expect it?
-
@gerst As you can see, the Vivaldi team is already working on this feature (IN PROGRESS), but it may be a while before it is released.
-
This is highly important.
I also really need this please, an example case is described here: https://forum.vivaldi.net/topic/83083/few-question-about-security-and-vivaldiFeature Request 1:
I would like Vivaldi to ask for a Hardware Key (YubiKey) when opening the browser.
So it would be completely locked.
And also the option for a time-out lock.
An example case is described in the link above, and i'm sure a security specialist can explain it much better. Here is another case:
A shared computer at work:
Say there is a station in work (or home) that you share with other people. Each one can have their own browser (or accounts within browsers) and don't won't to keep signing in and out and deleting all the data for when not using it.Feature Request 2:
An article for dummies, or you know.. normal humans, who don't know much about security in which Vivaldi team explains in regular terms how safe the encrypted data (passwords mostly and other data) that is stored locally.
So even in the case that someone has copied Vivaldi's local files secretly, they wouldn't be able to crack them.
What is encryption type, etc... -
The web team is working currently on 2FA for mail-account as i know, no timeline.
-
@ChimeraLove said in Two Factor Authentication Scheme for Vivaldi.net Account:
Feature Request 1:
I would like Vivaldi to ask for a Hardware Key (YubiKey) when opening the browser.Unlock the Vivaldi app by a hardware key?
is not planned yet. /edit: I could not find a request in internal tracker, perhaps such was discussed internally some years ago and i missed it. -