The current WebAuthn support is really great. Painless configuration and operation. Is there a way to remove password authentication and just use the WebAuthn only for single factor, passwordless authentication? I don't see any obvious way to do this.
[SOLVED] FIDO2 / WebAuthn Only Single Factor Passwordless Authentication
- Thread starter utkonos
- Start date
-
- Tags
- authentication webauthn
no thats currently not supported, and i am not sure that we want that, but you could open a feature request here: https://bugzilla.proxmox.com
there others could chime in and we can better track it
there others could chime in and we can better track it
I vote for allowing at least hardware keys as a single factor. I use Trezor and the private key is securely stored in the device's Secure Element and cannot be read from it in any way. In conjunction with public key cryptography it is a much more secure solution than for example usernames and passwords.