Hi all,
As part of our efforts to ensure that our customer accounts are protected with the strongest possible security, we are introducing the ability to secure your account via a FIDO-U2F / FIDO2 / WebAuthn capable security key.
These devices do not require you to use an authenticator app to type in a code, instead you simply tap the device that is inserted into your computer to authenticate. The WebAuthn feature is supported in all major browsers across all platforms.
Specifically for Mac users, experimental support exists in Safari 12.1, and full support exists in Safari Technology Preview.
If you have such a device, you can add it to your account via the Two-step verification page in your account.
You can enable this alongside any other methods of two-factor authentication, so if you still need the "Verification code via app" method for mobile login, you don't have to disable it. Please be aware that if you only enable "Verification via security key" and you attempt to access the site on a device that does not support security key authentication, you will need to use a backup code or you will be unable to access the site on that device.
This feature will be released as part of an update to DragonByte Security following a sufficient testing period here @ this site.
For those interested, the library that powers this feature is open source and can be found on GitHub: web-auth/webauthn-framework.
As part of our efforts to ensure that our customer accounts are protected with the strongest possible security, we are introducing the ability to secure your account via a FIDO-U2F / FIDO2 / WebAuthn capable security key.
These devices do not require you to use an authenticator app to type in a code, instead you simply tap the device that is inserted into your computer to authenticate. The WebAuthn feature is supported in all major browsers across all platforms.
Specifically for Mac users, experimental support exists in Safari 12.1, and full support exists in Safari Technology Preview.
If you have such a device, you can add it to your account via the Two-step verification page in your account.
You can enable this alongside any other methods of two-factor authentication, so if you still need the "Verification code via app" method for mobile login, you don't have to disable it. Please be aware that if you only enable "Verification via security key" and you attempt to access the site on a device that does not support security key authentication, you will need to use a backup code or you will be unable to access the site on that device.
This feature will be released as part of an update to DragonByte Security following a sufficient testing period here @ this site.
For those interested, the library that powers this feature is open source and can be found on GitHub: web-auth/webauthn-framework.
