Skip to content

Feature request: U2F support #2443

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
tidux opened this issue Dec 11, 2020 · 1 comment
Closed

Feature request: U2F support #2443

tidux opened this issue Dec 11, 2020 · 1 comment
Labels
feature New user visible feature security Security related

Comments

@tidux
Copy link

tidux commented Dec 11, 2020

Right now code-server depends solely on password authentication, which is a weakness. If you use code-server over the Internet from a compromised client device, your credentials get stolen. With U2F they'd still be locked out so long as they didn't physically steal a registered key device. My end goal here is to enable code-server to work on shared PCs like at a library or Internet cafe if we ever go back to normal, or just to protect against keyloggers.
@tidux tidux added the feature New user visible feature label Dec 11, 2020
@oxy oxy added the security Security related label Dec 13, 2020
@code-asher
Copy link
Member

We don't have any plans to implement other authentication modes at the moment. Our recommendation is to put something in front of code-server to handle authentication (this is more secure in the long run anyway).

Related: #1625

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature New user visible feature security Security related
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tidux @oxy @code-asher