On Thu, Apr 7, 2022 at 2:59 PM Michael Catanzaro <mcatanz...@gnome.org> wrote: > > On Thu, Apr 7 2022 at 02:41:42 PM +0000, Gary Buhrmaster > <gary.buhrmas...@gmail.com> wrote: > > I had thought there was an open (RFE) issue with > > gnome-online-accounts to request support for > > OTP use cases, although, as a hard problem, it > > is likely not going to see a resolution quickly. > > Well the whole point of gnome-online-accounts is to keep you > authenticated permanently. That just does not work if your kerberos > password is an OTP. I'm not sure what we could possibly change.
Thinking inside the box, I could imagine that if your authenticator token was generated from the key material inside your TPM chip, or secure enclave, or plugged in FIDO2 key, or proximity to some external device (say, your mobile device), that the experience could be (semi-) automated to renew authentication.
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
