Yubico has tested our FIDO implementation and accepted the Hardware Security SDK in their “Works with YubiKey Program”. By entering the program we have joined a list of companies which hold some of the industry leaders like GitHub, Dropbox, and Twitter.
It could be that simple: Hold the FIDO security key against the smartphone and log in via NFC. Unfortunately, the quality of the connection depends strongly on how the NFC antenna is integrated in the smartphone. COTECH therefore collects device-dependent data to show the end user the best NFC location.
If you have an Android smartphone with NFC you are welcome to come to our booth on heise devSec 2019 and find the best NFC location together with us.
Since Version 11, Nextcloud supports Universal Second Factor (U2F) login within compatible browsers. Finally, Nextcloud‘s Android client provides U2F in version 3.8.
Security keys are an easy and exceptionally robust way for second-factor authentication. Recently, Nitrokey and Nextcloud partnered up to encourage this login mechanism. Now, COTECH joins as a software partner.
The result is a usable login flow: At the bottom, a dialog indicates that user interaction is needed during U2F login.