<div>That's for sure a great feature for Keycloak +10000. We planned something last year (http://staging.aerogear.org/docs/planning/roadmaps/AeroGearSecurity/), but due to other priorities we didn't even started.</div>
<div class="mailbox_signature">
<br>—<br><br>abstractj<br>PGP: 0x84DC9914</div>
<br><br><div class="gmail_quote"><p>On Tue, Jan 13, 2015 at 2:41 PM, Bill Burke <span dir="ltr"><<a href="mailto:bburke@redhat.com" target="_blank">bburke@redhat.com</a>></span> wrote:<br></p><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><p>Cool. I knew it couldn't be a unique idea.
<br><br>On 1/13/2015 11:34 AM, Bruno Oliveira wrote:
<br>> I think what you meant was something like this
<br>> https://www.duosecurity.com/product/user-experience/authentication,
<br>> right?
<br>>
<br>> On 2015-01-13, Bill Burke wrote:
<br>>>
<br>>>
<br>>> On 1/13/2015 11:19 AM, Summers Pittman wrote:
<br>>>> On 01/13/2015 11:11 AM, Bill Burke wrote:
<br>>>>> Why does a user have to enter in the OTP generated by their mobile
<br>>>>> device? Wouldn't it be cooler if the steps were:
<br>>>>>
<br>>>>> 1. Enter in username password in the browser
<br>>>>> 2. Browser blocks and wait for...
<br>>>>> 3. Press a button on your OTP iphone app
<br>>>>> 4. iphone app sends an HTTP message to Keycloak with username and
<br>>>>> generated OTP (in background)
<br>>>>> 5. Keycloak sees if a browser app is waiting for OTP verification, then
<br>>>>> verifies OTP if so.
<br>>>>> 6. Browser unblocks and lets user in.
<br>>>>>
<br>>>>> Now, the user doesn't ever have to enter the OTP (and mess it up like I
<br>>>>> do all the time). They just need their mobile device.
<br>>>>>
<br>>>>>
<br>>>>>
<br>>>> Even better, in Android this can be done from an interactive
<br>>>> notification. You won't even need to open the app.
<br>>>>
<br>>>
<br>>> Probably the same in iOS, no?
<br>>>
<br>>> --
<br>>> Bill Burke
<br>>> JBoss, a division of Red Hat
<br>>> http://bill.burkecentral.com
<br>>> _______________________________________________
<br>>> keycloak-dev mailing list
<br>>> keycloak-dev@lists.jboss.org
<br>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
<br>>
<br>> --
<br>>
<br>> abstractj
<br>> PGP: 0x84DC9914
<br>>
<br><br>--
<br>Bill Burke
<br>JBoss, a division of Red Hat
<br>http://bill.burkecentral.com
<br></p></blockquote></div><br>