Thanks for bringing this up Bogdan. I fully agree, and I think it’s something that can ensure better account security for the RIPE members. I think as a minimum, multiple keys must be supported, and also, ideally, there should be an option to only use WebAuthn, and not any other system, such as fallback to TOTP. Antonis

On 2 Oct 2020, at 02:18, Bogdan I. <admin@redcluster.net> wrote:

Hello

What would be your opinion of implementing Webauthn / U2F by security keys for the RIPE NCC website's two factor authentication, in addition to the current TOTP system?

The current TOTP based system works fine, but i find using a physical security key to be more convenient and more secure.

-- Bogdan Ionescu Redcluster LTD

_______________________________________________ members-discuss mailing list members-discuss@ripe.net https://lists.ripe.net/mailman/listinfo/members-discuss Unsubscribe: https://lists.ripe.net/mailman/options/members-discuss/daknob%40daknob.net

Hello, First of all, thank you for the suggestions. We would also like to have more authentication options than the TOTP in RIPE NCC Access, such as U2F or biometrics/webauthn. The current setup with the ID Management tool used internally does not support the new protocols, and it is not trivial to implement them from scratch. Having said that, this is on our radar and if priorities allow us, we would like to explore new tools or services that provide more authentication/authorisation options. Best regards, Theo -- Theodoros Polychniatis Assistant Manager SW Engineering Dept. +31 652826817 RIPE NCC On 02/10/2020 02:18, Bogdan I. wrote:

Hello

What would be your opinion of implementing Webauthn / U2F by security keys for the RIPE NCC website's two factor authentication, in addition to the current TOTP system?

The current TOTP based system works fine, but i find using a physical security key to be more convenient and more secure.