On Thu, Apr 7, 2022 at 2:59 PM Michael Catanzaro <[email protected]> wrote: > > On Thu, Apr 7 2022 at 02:41:42 PM +0000, Gary Buhrmaster > <[email protected]> wrote: > > I had thought there was an open (RFE) issue with > > gnome-online-accounts to request support for > > OTP use cases, although, as a hard problem, it > > is likely not going to see a resolution quickly. > > Well the whole point of gnome-online-accounts is to keep you > authenticated permanently. That just does not work if your kerberos > password is an OTP. I'm not sure what we could possibly change.
Thinking inside the box, I could imagine that if your authenticator token was generated from the key material inside your TPM chip, or secure enclave, or plugged in FIDO2 key, or proximity to some external device (say, your mobile device), that the experience could be (semi-) automated to renew authentication.
_______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
