Hello,
New here to Jolla phenomenon.
As other threads/posts I read here have mentioned, Apps like MS/Google Authenticator among others are now widely used by major corporation to enforce MFA.
So hope a push for MFA in v3 release is included and/or an alternative is added, but I know with Microsoft networks/corp.net you cant sign on unless using MS Authenticator as MFA app.
That’s one up high in the agenda IMHO that should roll out as a priority.
Thanks for pushing this privacy phone forward.
A.
Welcome on board!
What do you mean with v3 realease? There are various MFA native client. One is Foilauth — SailfishOS:Chum, a Sailfish OS software repository by the community
I’m curious, did you search about MFA in the forum before posting?
SailOTP works great too.
I meant Jolla Batch #3.
If MS/G auth app is not going to be supported, I suspect alot of people will still be carrying a 2nd smartphone to support MFA sing ons.
With corporate microsoft accounts, there is an option to use regular OTP 2FA. You are not forced to use microsoft’s app, although the option is a bit hidden by using a small link next to a flashy button.
At least, this was true when I needed it a couple of years ago, although I think still windows 11 era.
I used Foilauth with Google the other day and it worked without issues.
Why? Why would someone that chooses SailfishOS want to use those apps, if there are multiple native alternatives? And why would they want it so much, to carry a second smartphone around? This statement baffles me.
I’m using FoilAuth for Microsoft Teams login in the company, and it works!
It has also been tested with:
If you have a secondary or fallback SFOS device, don’t forget to secure your 2FA tokens on that unit by scanning and importing the QR code, for example. Printing it out and placing it in a secure location should also work (not tested).
You can also simply scp the relevant directories over. I did this last time I broke the screen on my phone which has ruled out using QR codes. One could also create a .tar.gz and store them somewhere as backup.
Thanks all for fast responses.
I am not sure about that, as for myself I am a contractor and you have to ensure you have a passkey saved on your phone during the enrollment process.
Organization can setup their MS 2FA how they like from multiple options. They can allow/block the usage of those 3rd party apps, have OTP, TOTP, enable SMS or even calling as a 2FA.
Yes. In my company all run with auth app and me with foilauth
None of the batches has any SW goals, for good reason.
SFOS has been around and usable for 12 years - you make it sound like some Kickstarter project that will promise random stuff they cannot deliver to drive sales.
So you want to switch away from big tech, and the install their locked-down apps the first thing you do. Come on.
Standard and open MFA works perfectly fine.
So today the list of “essential” apps is one, tomorrow it is two - and before long nobody can use any alternative OS ever again.
Passkeys are not MFA. They are just a lock-in managed password where the password manager pinky-promises to have biometrics - no actual enforcement possible.
You have a weird definition of usable.
Or allow MFA setup only on company managed devices. But then they usually provide you a phone anyway.
So it is pretty much a case by case situation, whether 3rd party app can be used or not.
offtopic:
I have been daily driving SFOS since the Narinkkatori event and haven’t had any backup phones or such, so I would say SFOS is pretty usable.
/offtopic
I’ve been doing the same -until recently- and it doesn’t even do what my linux running laptop can.
And this is a major issue.
There’s also YubiKey OTP app in case if you have YubiKey
Thank you. There’s a certain aesthetic to all of your apps that I very much like. I’m almost tempted to buy a YubiKey just to install another one. 