2FA via Webauthn (Touch ID support)
Overview
GitHub supports using a fingerprint reader (such as Touch ID, offered through the Macbook Pro) to use as a 2FA security key. We should allow a user to register a connected sensor as a registered 2FA device.
We should focus on Chrome, then Safari, then Firefox.
Proposal
- In
profile/two_factor_auth
, allow a user to set up and use a sensor as a 2FA device.- Note to the user that using the sensor for 2FA is only recognized by certain browsers. Users should maintain control of recovery keys.
This probably means we switch over/support to using Webauthn instead/in addition to U2F.
Edited by Jeremy Watson (ex-GitLab)