Add support for hardware security keys for 2FA

Comments

24 comments

  • zombiemilkshake

    I would like to third the Yubikey support request. Thx.

    3
  • AUSBird

    The QR login is only for convenience, not a replacement login flow. But hardware 2FA should be added.

    3
  • AUSBird

    I would also want to see this! Security these days is very important and want to secure as many accounts as i can and stop relying on my phone for MFA as they are in them selves a security risk... :)

     

    Yubikeys would be amazing to see support for

    2
  • Coldguy

    I would like the second the Yubikey support, as someone who is trying to tighten up their security having this as a feature would be huge.  I would go with the NFC 5 as a starting point but more keys would be great.  If the epic game store has this as a feature surely we can ask for it for discord.

    2
  • fudo

    Yes this would be a cool feature and in deed something that should happen. I would prefer to use the a hardware key to login over the qr scanning, what do you do if your phone is dead. 

    2
  • Tempus

    I too would like to see this.    SMS can be hijacked, and all other 2FA methods (including google authenticator), it's possible to man in the middle via multiple methods and still get to your account and the user would never know.   The Fido2U keys are the only truly secure MFA that can/t be bypassed if someone (for example) falls for a phishing attack.   The higher the profile of the person, the greater need for truly secure MFA and right now that's hardware keys of this sort.

    2
  • Lili

    Hi, I also would like to see this (I also have a Yubikey 5, and could us Yubico Authentificator too activate 2FA, but would prefer direct U2F use of the key, since then I need no app at all !)

    Also, if you add that, please let us add more than one key, since we often use at least 2 keys (one as backup).

    1
  • Tempus

    Agreed multiple keys would be nice.  Also once you add that, let us name them please, makes it a lot easier to manage, and tell it which one we want to use. 

    1
  • spezp

    This feature would be just amazing.

    1
  • xtremeownage

    2 years later. Hey discord, mind supporting hardware 2FA keys yet?

    1
  • Gregory

    Its happening guys!

    1
  • AUSBird

    Where is it happening?

    1
  • Deivedux

    Instead of asking for a specific protocol support, such as Yubikey or Google Titan Key, it would make more sense to look into U2F. As someone who owns a Nitrokey FIDO2, it's easier for the platform to support a universal standard rather than making them look into each individual proprietary key.

    But yes, I definitely want to see this being a thing. It will definitely not solve the compromised accounts' problem (because people are stupid), but adding more security, as a practice, shouldn't even be a hesitation to any company that respects account security of their users.

    0
  • andria_dev

    I would also like to see Discord implement support for a security key standard. I'm in support of FIDO and CTAP2 and perhaps U2F and CTAP1. Both the Google Titan line of security keys and the Yubico line of keys appear to support FIDO.

    0
  • Earanard

    Just adding another voice to this saying yes to u2f or similar.

    0
  • Parzival

    u2f please

    0
  • lostanddead

    I would also like to see support for this ASAP, discord has a kinda bad track record with security, maybe this could be a step forwards.

    0
  • james-cxx

    Security keys are now becoming commonplace.  The time is overdue for Discord to get on board.  I would be willing to help crowdfund support for security keys.

    0
  • AUSBird

    Agreed, they are more common now, the tech has matured. Though this should be something they just support if they give a crap about their user's security period.

    0
  • Quintenvw

    Small update from the Discord datamines: https://twitter.com/DiscordPreviews/status/1570204472554528769

    0
  • randomlatexfloof

    please just add it, its been 3 years and still no physical 2fa, if you truly care about account privacy you would have added this by now

    0
  • Echo

    yes please!

    0
  • BurningCubez

    +1

    0
  • Florian

    u2f would be great

     

    0

Please sign in to leave a comment.