Using SSL Client Certificates to login

cinnion

New Member
I have noticed that using TOTP applications such as Google Authenticator or Authy for 2FA is supported for enhanced security, but how about the use of SSL client certificates one can get through places like CAcert.org? With the use of 2048-bit keys to verify the user's email address and grant access, it seems to me that unless you had a passphrase of 256+ characters, it would be superior to using a passphrase, and actually would also be at least of comparable, if not superior security to TOTP, even if the latter using HMAC-SHA-512 and the typical 160-bit secret. And at the same time, it would make it far more convenient an option for logging in for normal use, saving the other for a backup means. Thoughts??
 

sproskin

Administrator
Staff member
Hello.

Thank you for your feedback.

This would technically fall under a feature request which I can forward to our developers, however I do know that there is ongoing development work on a new front-end website which I do not have an ETA for. It could be some time before that site is implemented.

As far as this specific feature being added, I will forward your request to our developers. Perhaps they are implementing something along those lines.
 
Top