nickslowinski/mailcow-dockerized-docs
1
0
Fork 0
Code Issues Pull-Requests Projekte Releases Pakete Wiki Aktivität

Update model-fido2.md

Quellcode durchsuchen
Dieser Commit ist enthalten in:
André Peters 2020-11-15 08:39:05 +01:00 committet von GitHub
Ursprung 9beceaf2e6
Commit 66dcbf9f6c
Es konnte kein GPG-SchlĂĽssel zu dieser Signatur gefunden werden
GPG-SchlĂĽssel-ID: 4AEE18F83AFDEB23
1 geänderte Dateien mit 9 neuen und 1 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Diff-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

10
docs/model-fido2.md
Datei anzeigen

@ -1,6 +1,6 @@
## How is UV handled in mailcow?
The UV flag (as in "user verification") enforces WebAuthn to verify the user before it allows access to the key (think of a PIN). We don't enforce but prefer UV to allow logins via iOS and NFC (YubiKey).
The UV flag (as in "user verification") enforces WebAuthn to verify the user before it allows access to the key (think of a PIN). We don't enforce but prefer UV to allow logins via iOS and NFC (YubiKey). W
## Login and key processing
@ -13,3 +13,11 @@ When calling the login process, the authenticator is not given any credential ID
## Who can use WebAuthn to login to mailcow?
As of today, only administrators and domain administrators are able to setup WebAuthn/FIDO2.
## iOS problems
Please use a desktop computer to register your key with your mailcow account.
The process was tested using a YubiKey with Chrome on Windows. When registering a new, empty key, you will be prompted for a PIN for the new YubiKey. Once set and confirmed, the credentials are stored on the key. Using it with iOS works flawless now.
iOS seems not to be able to set a PIN on the device on first use, so please use a desktop computer for this step.