QR code login like WeChat Web

Is it possible for nextcloud to have a login option which is by scanning a QR code?

Let’s say we have the nextcloud app installed on our phone and logged in, and when we are outside using a public computer, we just scan the QR code on the login page using the app installed on our phone.
So we don’t need to type our password in public.

Maybe we can create a QR code that calls for the login information stored on our phone? Or we can go super fancy with tokens and stuff?

This is what I am interested in having:
https://www.grc.com/sqrl/resources.htm

Also check out the review done by bravenewcoin.com:
http://bravenewcoin.com/news/sqrl-revolutionizing-web-site-login-and-authentication/

Did you have a look at the app Two Factor TOTP Provider?

You could have a look also at the page about security in Nextcloud

There was some initial planning, the milestone was moved to NC 12:

Well, the link you shared is for Android/iOS app login via QR code, which would be nice as well; for example, a QR code in the “personal” page allowing people to log in would be great.

What I am proposing, though, is login to the web interface via the phone app scanning a QR code displayed on the web interface login page, like this: https://wx.qq.com/?lang=en_US

The Two Factor TOTP Provider is good, but I think it will be better if we can just scan a QR code and login, without entering any login information in the browser, and since you are scanning it with your phone, you already have the two factor verification.

Sorry that I got this wrong. So it’s actually that we do our own two-factor authentication within the Nextcloud app.

@LukasReschke @ChristophWurst

Or if you can integrate an existing one into the Nextcloud app, that would be awesome, too.
Because I think users might want to login using public computers, in my case, I might log in using a school computer. In that case, I don’t want to type in my login information, because there might be key-tracking software planted by other students, you never know.

And no need to say sorry bro. You guys are awesome.

The current 2FA authentication should help: U2F device, Google Authenticator or other TOTP provider.

I personally won’t consider a U2F device because it requires an additional device that I will most certainly forget to bring with me. I have tried TOTP, but it’s basically still entering a password through the keyboard: if the person enters the same code before the app refreshes, then s/he will gain access.

The design I proposed will completely eliminate the need for people to enter anything in the login page, which I think is the safest option.

There is a bug report to eliminate this problem: Prevent reuse of token · Issue #100 · nextcloud/twofactor_totp · GitHub

At least for now I think I can live with that.

Though I still hope to eliminate the need of typing login info in the future.

Having the option to login with SQRL in Nextcloud would be great.

Also, of course, for this forum.

+1 for SQRL
https://www.grc.com/sqrl/sqrl.htm

This would secure against keystroke-logging, server-in-the-middle, DNS spoofing and other side-channel type attacks.


+1 for SQRL
Using this message to bump this thread a bit 🙂

Agreed and seconded