Add two-factor-auth for YubiKey.
Thank you for your input. We will explore the possibility of implementing YubiKey in upcoming releases.
I also agree, please merge this feature suggestion with the WebAuthn one.
Agreed.... Webauthn would now be the best way forward at this point in time.
Michael Gabriel commented
general u2f/webauthn would be much more appreciated.
merge with https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/38640655-webauthn-two-factor-authentication-at-the-webinter ?
I created a new feature suggestion for the implementation of WebAuthn which is compatible with Yubikeys: https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/38640655-webauthn-two-factor-authentication-at-the-webinter
Mounes Kayyali commented
To Enable YubiKey (2FA) and our company (Sol distributor in Asia, Africa & CIS) will create YubiKey with laser engraved Plesk Logo
Stefan Murawski commented
there is already a php class for yubikey availalble. But the documentation for plesk extensions is that bad, that I want do that.
I can only request it too...
We have a YubiKey Plugin that we developed for internal usage, we might release it soon. Stay tuned. :)
With Clef announcing a cease of operations, now might be a good time to revisit alternative 2FA options.
Yubico is indeed a token provider. The yubikey OTP is a service they provide on most of their products, they also support U2F on most (if not all) of their new keys.
The biggest issue with U2F at this time is browser support. At this time only Chrome and Opera supports U2F natively. Firefox has the ability to support U2F through an excellent third-party plugin. There is no support for Safari and IE/Edge.
If Plesk supports yubikey AND U2F then it would offer the best of both schemes, open standard authentication through U2F, and cross-browser support for people who can't/won't switch browsers.
Martin C-R commented
i would like to see Yubikey and U2F implemented with plesk onyx as a part of a new security section
Ragnar Karlsson commented
I would like to see Yubikey and U2F implemented, that way the option remains for those who choose not to use U2F but still want two factor authentication.
While the U2F is an excellent standard, it has yet to be adopted by the majority of browsers. Yubikey would be a great implementation, particularly before U2F is widely adopted.
Yubikey is a token provider.
I would prefer that plesk supports the u2f standard, which aims to be universal.
If you develop the extension for the u2f standard then other token providers will work too as long as they conform to the standard.