Support for WebAuthn (FIDO2) #3396

New Issue

OVERLORD · 2026-02-05T06:35:27+03:00

OVERLORD commented

2026-02-05 06:35:27 +03:00

Originally created by @Android1338 on GitHub (Dec 11, 2022).

Describe the feature you'd like

I'd like to have the option to use my FIDO2 security token as 2FA.

Describe the benefits this would bring to existing BookStack users

Expand user account security

Can the goal of this request already be achieved via other means?

Actually only via TOTP, which is working great.
So, this is just additional.

Have you searched for an existing open/closed issue?

I have searched for existing issues and none cover my fundemental request

How long have you been using BookStack?

1-5 years

Additional context

No response

Originally created by @Android1338 on GitHub (Dec 11, 2022). ### Describe the feature you'd like I'd like to have the option to use my FIDO2 security token as 2FA. ### Describe the benefits this would bring to existing BookStack users Expand user account security ### Can the goal of this request already be achieved via other means? Actually only via TOTP, which is working great. So, this is just additional. ### Have you searched for an existing open/closed issue? - [X] I have searched for existing issues and none cover my fundemental request ### How long have you been using BookStack? 1-5 years ### Additional context _No response_

OVERLORD added the 🔨 Feature Request 🚪 Authentication labels 2026-02-05 06:35:27 +03:00

OVERLORD commented

2026-02-05 06:35:28 +03:00

@rodude123 commented on GitHub (May 28, 2023):

This is something that I'd like to use

@rodude123 commented on GitHub (May 28, 2023): This is something that I'd like to use

OVERLORD commented

2026-02-05 06:35:31 +03:00

@TheRazvy commented on GitHub (Jul 30, 2023):

that would help me too. +1

@TheRazvy commented on GitHub (Jul 30, 2023): that would help me too. +1

OVERLORD commented

2026-02-05 06:35:33 +03:00

@chrisweeksnz commented on GitHub (Oct 16, 2023):

Being able to upgrade to physical tokens from TOTP would be an excellent forward step!

@chrisweeksnz commented on GitHub (Oct 16, 2023): Being able to upgrade to physical tokens from TOTP would be an excellent forward step!

OVERLORD commented

2026-02-05 06:35:36 +03:00

@ssddanbrown commented on GitHub (Oct 26, 2023):

I'd quite like to add this, even just as a way to learn the WebAuthn standard.
I have though been holding off due to passkeys becoming a bigger deal. There's a lot of overlap with WebauthN.

If anyone has experience/knowledge of both passkeys and webauthn, and how these fit together both now and in the future, both from a technical and UX point of view, I'd appreciate feedback.
Just don't want to to cause trouble for myself in the future.

@ssddanbrown commented on GitHub (Oct 26, 2023): I'd quite like to add this, even just as a way to learn the WebAuthn standard. I have though been holding off due to passkeys becoming a bigger deal. There's a lot of overlap with WebauthN. If anyone has experience/knowledge of both passkeys and webauthn, and how these fit together both now and in the future, both from a technical and UX point of view, I'd appreciate feedback. Just don't want to to cause trouble for myself in the future.

OVERLORD commented

2026-02-05 06:35:41 +03:00

@kekonn commented on GitHub (Apr 4, 2024):

I would like this as well. I have trouble setting up TOTP in Bitwarden, so Passkey support would mean I can choose to use either my Yubikey or Bitwarden.

@kekonn commented on GitHub (Apr 4, 2024): I would like this as well. I have trouble setting up TOTP in Bitwarden, so Passkey support would mean I can choose to use either my Yubikey or Bitwarden.

OVERLORD commented

2026-02-05 06:35:44 +03:00

@ew98 commented on GitHub (Jan 1, 2025):

Agree with other folks above. Use of h/w key authentication as an option improves ux bigtime. BookStack rocks!

@ew98 commented on GitHub (Jan 1, 2025): Agree with other folks above. Use of h/w key authentication as an option improves ux bigtime. BookStack rocks!

OVERLORD commented

2026-02-05 06:35:47 +03:00

@vmario89 commented on GitHub (Jan 6, 2025):

i started to rollout passkeys whereever possible, using KeePassXC addon for Firefox. Seems only 0.0000001% of the web is using passkeys right now. Hope it will quickly evolve as it is the best time saver in the login procedure. giving back the comfort we have had 15 years ago, when the web was easy.

@vmario89 commented on GitHub (Jan 6, 2025): i started to rollout passkeys whereever possible, using KeePassXC addon for Firefox. Seems only 0.0000001% of the web is using passkeys right now. Hope it will quickly evolve as it is the best time saver in the login procedure. giving back the comfort we have had 15 years ago, when the web was easy.

OVERLORD commented

2026-02-05 06:35:50 +03:00

@rokkondic commented on GitHub (May 28, 2025):

I agree, this would be useful for us as well.

@rokkondic commented on GitHub (May 28, 2025): I agree, this would be useful for us as well.

OVERLORD commented

2026-02-05 06:35:53 +03:00

@InactiveImmortal commented on GitHub (Sep 22, 2025):

+1
Would love to see this feature implemented!

@InactiveImmortal commented on GitHub (Sep 22, 2025): +1 Would love to see this feature implemented!

OVERLORD commented

2026-02-05 06:35:56 +03:00

@nejcgow commented on GitHub (Jan 10, 2026):

+1 That would be great.

@nejcgow commented on GitHub (Jan 10, 2026): +1 That would be great.

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#3396