Automatic FIDO2 Login

Nextcloud version (eg, 20.0.5): 25.0.4
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04.5 LTS
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.41
PHP version (eg, 7.4): 8.0.28

Hello, I would like to use FIDO2 [authentication without password]. However, by the time I clicked on “Log in with devices”, entered my username and then verified myself, I could have logged in normally. So unfortunately this is not a time-saver for me.

Therefore, the question: Is it possible to automatically start FIDO2 with my username when I call up the login page of my Nextcloud? It is a Nextcloud for me alone, I am the only user of the instance.

It is not primarily intended to be a time saver, but a security improvement. :wink:

I don’t think that’s possible, because your username is not stored on the FIDO2 device, so you have to enter it in any case. But maybe your browser could at least auto-complete it.

Or you could simply not log out on your trusted devices / browsers. And logging in on other devices is always something I would be careful with anyways.

Or you could implement some kind of single sign-on solution like OAUTH etc… But I’m not an expert on that and can’t give you any tips.

Another possibility would be to use a password manager with auto-fill capability and then use Webauthn as a second factor. Then username and password will be filled in automatically and you only have to press the button on the FIDO device and you are logged in.

1 Like