This repository has been archived by the owner on Aug 3, 2023. It is now read-only.

Implement TOTP ("Google auth") #55

Open
slush0 opened this issue Nov 6, 2018 · 3 comments

slush0 commented Nov 6, 2018

TPM can be easily turned into a second-factor application like Google Auth:

  • The server-provided secret is encrypted via CipherKeyValue and the encrypted data is stored in TPM
  • A new method in trezor-core will accept the encrypted data and the current timestamp (possible use of Roughtime?) and generate an OTP to show on the display.

That way Trezor works as a common second factor (on services where the superior U2F is not supported) and all OTP secrets are backed up in TPM, which solves the common problem of losing server-provided secrets when losing a mobile phone.

@slush0 slush0 added the feature label Nov 6, 2018
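
The OTP generation step proposed above, written out as an added example (not part of the original issue and not Trezor code): an RFC 6238 TOTP computed from a secret and a caller-supplied timestamp. The function names are hypothetical, and the secret is assumed to be already decrypted, so the CipherKeyValue step is not shown. The sample secret is the RFC 6238 test key, not a real credential.

```python
import base64
import hashlib
import hmac
import struct


def decode_secret(b32_secret: str) -> bytes:
    """Decode a server-provided Base32 secret; spaces and lower case are tolerated."""
    cleaned = b32_secret.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore padding that servers often strip
    return base64.b32decode(cleaned)


def totp(secret: bytes, timestamp: int, digits: int = 6, step: int = 30) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for an explicit Unix timestamp.

    The timestamp is a parameter rather than read from a local clock,
    matching the proposal: the caller passes the current time in.
    """
    if timestamp < 0:
        raise ValueError("timestamp must be a non-negative Unix time")
    if not 6 <= digits <= 8:
        raise ValueError("digits must be between 6 and 8")
    counter = timestamp // step                      # time-step counter T
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # RFC 4226 dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)    # keep leading zeros


def seconds_remaining(timestamp: int, step: int = 30) -> int:
    """Seconds until the code for this timestamp rolls over (for a display countdown)."""
    return step - (timestamp % step)


# Constructed sample input: the RFC 6238 Appendix B test key in Base32.
SAMPLE_SECRET_B32 = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"

if __name__ == "__main__":
    key = decode_secret(SAMPLE_SECRET_B32)
    ts = 1111111109
    print(totp(key, ts, digits=8), "valid for", seconds_remaining(ts), "more seconds")
```
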

nickels commented Jan 11, 2019

This would be an excellent addition!

prusnak (Member) commented Mar 26, 2019

This depends on the firmware: https://github.com/trezor/trezor-core/issues/516

@ajbt200128 ajbt200128 mentioned this issue Mar 29, 2019
@zsoltsandor

I second this.
