[keycloak-dev] Why do I have to enter the OTP?
Stian Thorgersen
stian at redhat.com
Wed Jan 14 03:03:05 EST 2015
Look at YubiKey and FIDO U2F
----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Tuesday, 13 January, 2015 5:11:09 PM
> Subject: [keycloak-dev] Why do I have to enter the OTP?
>
> Why does a user have to enter in the OTP generated by their mobile
> device? Wouldn't it be cooler if the steps were:
>
> 1. Enter in username password in the browser
> 2. Browser blocks and wait for...
> 3. Press a button on your OTP iphone app
> 4. iphone app sends an HTTP message to Keycloak with username and
> generated OTP (in background)
> 5. Keycloak sees if a browser app is waiting for OTP verification, then
> verifies OTP if so.
> 6. Browser unblocks and lets user in.
>
> Now, the user doesn't ever have to enter the OTP (and mess it up like I
> do all the time). They just need their mobile device.
>
>
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list