Am I misguided in my goals, or is this type of scheme possible with the existing 2FA schemes? So basically, I would go to Google, and log in, and when the browser asks for the 2FA step, I could then run a Python script (or application) that retrieves my secret key and completes the 2FA handshake in place of a Yubikey. Ideally, I would like to write my own Python script that behaves as a virtual Yubikey. Again, any references would be appreciated. A Python script that is functionally equivalent to a Yubikey in that it implements the API interface with the appropriate "client to authenticator protocol" to interact with your secret key. Are there any WebAuthn/FIDO2 development libraries (preferably in Python) that let you write your own authenticator applications (virtual Yubikeys)? i.e.Do such components currently exist (preferably open source ones), and are there any you know about or can recommend?.A virtual Yubikey implemented as a software application or device driver. Can I write a pure software component (no hardware or USB key) that speaks the "client to authenticator protocol" and does the authentications in place of a Yubikey? i.e.Furthermore, the "client to authenticator protocol" is just a software API on the platform side. Basically, a Yubikey is just a hardware container for your secret key that's somewhat protected, but easy to interact with.
It occurs to me that WebAuthn/FIDO2 2FA methods are just software APIs, and in just provide methods for interacting with your secret key to prove you have it. In my research, I've been looking at the FIDO alliance website: I'm also generally interested in understanding the technology used in 2FA authentication devices.
I don't currently use 2FA on my accounts, and I'm reluctant to use SMS or USB Yubikey-like devices for 2FA but I'm interested in alternatives and still leveraging the 2FA security principles. If reports are to be believed, Google and others are starting to force 2FA on user accounts starting late ~2021:
0 kommentar(er)
