Solved Two Factor Authentication Scheme for Vivaldi.net Account
-
@jane-n said in Two Factor Authentication Scheme for Vivaldi.net Account:
2FA both with TOTP and hardware key
Then you will get a happy Nitrokey user, me.
️ -
2FA is urgently needed. I don't like to change my password every week. This is discussed for over 2 years now, and I think it's time for a release..
-
@thomasbeling Hello, a just a bit further up in the topic is a comment by one of our team members saying this is something we're actively working on and explaining a bit about the process. If you've not read it yet, it might help you tide yourself over until we're able to release.
-
@thomasbeling said in Two Factor Authentication Scheme for Vivaldi.net Account:
I don't like to change my password every week.
2FA or not, you shouldn't be doing that anyways. Changing a password so regularly is counterproductive and a complete waste of your time.
Sources:
- Frequent password changes are the enemy of security, FTC technologist says - Ars Technica
- Microsoft says mandatory password changing is “ancient and obsolete” - Ars Technica
- Stop Changing Your (Strong, Unique) Passwords So Much - PCMag
- Should You Change Your Passwords Regularly? - How-ToGeek
And a relevant XKCD comic.
-
@jane-n More important to get some 2FA rolled out, say TOTP, then add support for hardware keys later.
-
@jane-n When can we expect it?
-
@gerst As you can see, the Vivaldi team is already working on this feature (IN PROGRESS), but it may be a while before it is released.
-
This is highly important.
I also really need this please, an example case is described here: https://forum.vivaldi.net/topic/83083/few-question-about-security-and-vivaldiFeature Request 1:
I would like Vivaldi to ask for a Hardware Key (YubiKey) when opening the browser.
So it would be completely locked.
And also the option for a time-out lock.
An example case is described in the link above, and i'm sure a security specialist can explain it much better. Here is another case:
A shared computer at work:
Say there is a station in work (or home) that you share with other people. Each one can have their own browser (or accounts within browsers) and don't won't to keep signing in and out and deleting all the data for when not using it.Feature Request 2:
An article for dummies, or you know.. normal humans, who don't know much about security in which Vivaldi team explains in regular terms how safe the encrypted data (passwords mostly and other data) that is stored locally.
So even in the case that someone has copied Vivaldi's local files secretly, they wouldn't be able to crack them.
What is encryption type, etc... -
The web team is working currently on 2FA for mail-account as i know, no timeline.
-
@ChimeraLove said in Two Factor Authentication Scheme for Vivaldi.net Account:
Feature Request 1:
I would like Vivaldi to ask for a Hardware Key (YubiKey) when opening the browser.Unlock the Vivaldi app by a hardware key?
is not planned yet. /edit: I could not find a request in internal tracker, perhaps such was discussed internally some years ago and i missed it. -
-
@ChimeraLove said in Two Factor Authentication Scheme for Vivaldi.net Account:
I would like Vivaldi to ask for a Hardware Key (YubiKey) when opening the browser.
Your request sounds similar to this feature request: Master Password Protected Mode to Protect your Profile
The thing is that locking only the user interface with a password gives a false sense of security as anyone with a bit more knowledge about computers can still access your browsing data through the browser's profile files and, AFAIK, locking the profile itself is not trivial.
Regarding the second request about a blog, we do have something similar in the pipeline.To add on to @DoctorG's comment. Once 2FA is fully implemented (atm, it looks like it'll go out in stages), when you have enabled 2FA, it will be applied to all services. I.e. it's not possible to only have 2FA enabled for webmail. When enabled, you'll be asked for the second verification before being logged in to any of Vivaldi's services - Forum, Blogs, Vivaldi Social, Themes, Sync, Webmail.
-
@jane-n said in Two Factor Authentication Scheme for Vivaldi.net Account:
The thing is that locking only the user interface with a password gives a false sense of security as anyone with a bit more knowledge about computers can still access your browsing data through the browser's profile files
It is indeed easy checking the browser data like history without opening Vivaldi, so this is why I requested it in the post above.
I request that everything will be secured and encrypted.
Just think of the potential audience for Vivaldi.
Companies that have hundreds of employees working with shared computers or sensitive data that decide it is mandatory to use only Vivaldi with personal hardware keys as their browser.
Also it will put Vivaldi at the front of browser security and privacy.
With a promise that all the data is encrypted!Are you talking about ease of access to history browser data, right? Not the passwords that stored locally I hope.
A question, if someone isn't using Windows 11 with bitlocker or some other type of encryption, what is the encryption of the passwords that are stored locally?
Or if bitlocker for example is enabled, are the passwords double encrypted?I believe a clear and detailed promise of encryption and security of passwords and rest of the data is a strong marketing point for Vivaldi and will bring more users!
Thank you
-
@ChimeraLove Bitlocker encrypts the Windows folder/disc.
Vivaldi encrypts login database with Windows Data Protection's key.
If you need a lock of Vivaldi app against starting, you need to buy third-party software. -
Two-factor authentication (2FA) we wait!
-
Shouldn't "Hardware Key Auth" / 2FA be already available since 5.6 or am I missing sth here?
https://vivaldi.com/blog/vivaldi-on-android-5-6/
"The new Vivaldi 5.6 on Android offers a customizable menu bar, more secure logins with Hardware Key Authentication..."
-
@glx This thread is not about browser having 2FA ability
Adding 2FA is on progress for Vivaldi Webmail and other Vivaldi Services.
-
We have now added the ability to secure your Vivaldi.net accounts with a second factor. You can read more about the change here.
-
Ppafflick marked this topic as a question on -
Ppafflick has marked this topic as solved on
-
Ppafflick moved this topic from Community & Services Feature Requests on
