Apple/Google/Microsoft to accelerate rollout of passwordless sign‑in standard

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • krypton-ios

    Discontinued DEPRECATED Krypton turns your iOS device into a WebAuthn/U2F Authenticator: strong, unphishable 2FA.

    Here's the announcement on the website of the FIDO alliance: https://fidoalliance.org/apple-google-and-microsoft-commit-t...

    I hope this cross device system will be cross platform, but I wouldn't be surprised if you could only choose between macOS/iOS, Chrome/Chrome, or Edge/Edge sync.

    Funnily enough, a system for signing web authentication requests from a mobile device is far from new: I've been using https://krypt.co/ for years (though it's on the long road of sunsetting right now) and I hope that will last long enough for the new cross device standard to replace it.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • rust-u2f

    U2F security token emulator written in Rust

  • OpenSK

    OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

  • webauthn

    Web Authentication: An API for accessing Public Key Credentials

    At least the WebAuthN standard seems to be moving in a different direction [1].

    In a nutshell, it will be possible for relying parties (i.e. websites) to detect multi-device/backup capable authenticators if required, but disabling multi-device functionality would require a very explicit opt-out, not an opt-in, on the relying party's side.

    [1] https://github.com/w3c/webauthn/issues/1714

  • solo1

    Solo 1 firmware in C

    I absolutely agree that this is a thing that needs to be solved. I cobbled together my own solution using undocumented bits of the Solo firmware[1], but that's not nearly usable enough for average users.

    But here's the problem: outside of the hype bubbles, cryptocurrency stuff does not have a good reputation. If the only thing that supports this markets itself as a cryptocurrency wallet, that is going to hurt adoption. People generally do not buy devices in which they actively do not want the main feature.

    (I did remind myself of DiceKeys[2] while looking through my notes to find [1], but that has its own problems, such as "oh god what are you doing why does this involve OCRing a photograph of dice on my phone".)

    [1] https://github.com/solokeys/solo1/blob/4.1.5/fido2/ctaphid.c...

    [2] https://dicekeys.com/

  • kr

    Discontinued DEPRECATED A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.

    > relaying auth requests to your phone for approval and storing secrets in the Secure Enclave

    Like https://github.com/kryptco/kr [key stored in a [...] mobile app]?

    Also, newer Macs have a Secure Enclave (supports 256-bit secp256r1 ECC keys):

    https://github.com/maxgoedjen/secretive [storing and managing SSH keys in the Secure Enclave [...] or a Smart Card (such as a YubiKey)]

    https://github.com/sekey/sekey [Use Touch ID / Secure Enclave for SSH Authentication!]

  • secretive

    Store SSH keys in the Secure Enclave

    > relaying auth requests to your phone for approval and storing secrets in the Secure Enclave

    Like https://github.com/kryptco/kr [key stored in a [...] mobile app]?

    Also, newer Macs have a Secure Enclave (supports 256-bit secp256r1 ECC keys):

    https://github.com/maxgoedjen/secretive [storing and managing SSH keys in the Secure Enclave [...] or a Smart Card (such as a YubiKey)]

    https://github.com/sekey/sekey [Use Touch ID / Secure Enclave for SSH Authentication!]

  • sekey

    Use Touch ID / Secure Enclave for SSH Authentication!

    > relaying auth requests to your phone for approval and storing secrets in the Secure Enclave

    Like https://github.com/kryptco/kr [key stored in a [...] mobile app]?

    Also, newer Macs have a Secure Enclave (supports 256-bit secp256r1 ECC keys):

    https://github.com/maxgoedjen/secretive [storing and managing SSH keys in the Secure Enclave [...] or a Smart Card (such as a YubiKey)]

    https://github.com/sekey/sekey [Use Touch ID / Secure Enclave for SSH Authentication!]

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Side channel vuln in Infineon crypto library

    3 projects | news.ycombinator.com | 3 Sep 2024
  • Yubico is merging with ACQ Bure and intends to go public

    6 projects | news.ycombinator.com | 19 Apr 2023
  • alternative to yubikey with requirements?

    1 project | /r/privacy | 20 Mar 2023
  • GitHub Mandates 2FA for All Developers

    1 project | /r/cybersecurity | 9 Mar 2023
  • On using bitwarden for TOTP:

    1 project | /r/Bitwarden | 1 Feb 2023