With the release of the WebAuthN support for U2F in 1Password, any plans to support that on the CLI?
1Password Version: Not ProvidedExtension Version: Not ProvidedOS Version: Not ProvidedSync Type: Not Provided
We don't have anything to announce with regard to U2F, but it's certainly something that we can continue to evaluate as far the CLI after work on the beta is out of the way. It's not likely something that would be added specifically for the CLI though, as it would need to be involved at the account level, since it's an authentication technology.
When I started to play with the CLI, one of the most annoying features was certainly the need to grab my authentication code. As by default and without some additions, you have to log in really often that was really really a lack of time.
To improve that, I developed a bunch of scripts and a CLI authentication code provider, so for now, I am happy with that.
But I guess that it would be helpful for CLI newcomers that have enabled a second-factor authentication.
So, I can second that to be able to replace the authentication code by a Yubikey would be really helpful.
Thanks for the input @mickael. The experience for a first time user is something we need to look at in more detail.
Just wanted to also second the request to support U2F in the CLI. Currently trying to lock down our AWS production environment by requiring Yubikey U2F to access anything, but having trouble securing the Access Keys. Having them stored in 1Password and requiring the Yubikey U2F to access would be ideal. I look forward to seeing any future progress!
Thanks @Endareth. We hear your feedback Its good to know your use case.
Wanted to echo the request for U2F support in the CLI. I wish I could use my YubiKey to log in from the terminal instead of being forced to open Google Authenticator.
To everyone in this thread: We don't have any short-term plans to add U2F support to the CLI, but it is something we want to add eventually.
We did however add support for persistent MFA in version 0.6, so you'll only need to enter your 6 digit code one time, after which your device will remain authenticated and you'll only need the master password thereafter.