Closed Bug 1149244 Opened 9 years ago Closed 6 years ago

Provide a first-party OTP application

Categories

(Firefox OS Graveyard :: Gaia, defect)

Product:
Firefox OS Graveyard
Component:
Gaia
Platform:
All
Other
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: corey, Unassigned)

Details

>> Feature Request Title:
Provide a first-party OTP application

>> Description of feature, or problem to be solved
Two-factor authentication is becoming more important, but SMS is prohibitively expensive for some companies to offer as a factor-type. Many have switched to the "otpauth://" protocol, which is cheaper and more secure, but very cumbersome for end-users to set up. 

FFOS could provide a native OTP/passcode application to alleviate one of the major steps: Deciding on which store application to trust to handle OTP URIs.

In addition, the native support would ensure that OS upgrades would not damage the established account, and the application could not accidentally be deleted. Many OTP applications (looking at Google Authenticator) have terrible UI, user messaging, and poor migration pathways.

>> Impact of implementing the feature/solution
- Users may be more likely to use 2FA if they do not have to install a 2FA app from the store
- 2FA/OTP could be surfaced to the user in a very careful and thoughtful way, so as to not overwhelm them with security jargon
- 3rd-party products would create references and instructions for using FFOS (i.e. it would be a kind of marketing)

>> Impact of NOT implementing the feature/solution
3rd party applications may/must be added to the store to give FFOS more than 0 OTP support options

>> Date required
Firefox OS is not being worked on
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.