🚀 Feature: require reauthentication before adding new passkey #4

New Issue

Closed

opened 2025-10-06 23:57:59 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2025-10-06 23:57:59 +03:00

Owner

Copy Link

Originally created by @James18232 on GitHub.

Feature description

Feature request to require the user reauthenticate before adding a new passkey to a pocketID instance (both via code generation to send to a user for use, or directly within pocket id for an admin).

This would obviously not apply to initial passkey setup.

Pitch

This is a hardening step/zero trust approach that removes the risk of a compromised instance leading to persistent access via unauthorised passkeys being added.

The user should have to prove ownership of an existing passkey to add or authorise another for pocket ID.

I consider this important due to the inherent risks of sso allowing unintended access to the pocket ID instance via horizontal movement, poor digital hygiene or otherwise compromised security.

Originally created by @James18232 on GitHub. ### Feature description Feature request to require the user reauthenticate before adding a new passkey to a pocketID instance (both via code generation to send to a user for use, or directly within pocket id for an admin). This would obviously not apply to initial passkey setup. ### Pitch This is a hardening step/zero trust approach that removes the risk of a compromised instance leading to persistent access via unauthorised passkeys being added. The user should have to prove ownership of an existing passkey to add or authorise another for pocket ID. I consider this important due to the inherent risks of sso allowing unintended access to the pocket ID instance via horizontal movement, poor digital hygiene or otherwise compromised security.

OVERLORD closed this issue 2025-10-06 23:58:00 +03:00

OVERLORD commented 2025-10-06 23:58:01 +03:00

Author

Owner

Copy Link

@stonith404 commented on GitHub:

I’m not sure this change makes sense. If we add a re-authentication prompt here, we should also require it for creating API keys and creating new users, since both actions can also give an attacker “infinite” access. That would make the flow quite annoying for legitimate users.

If you’re concerned about this risk, a simpler approach is to lower the session duration so tokens expire quickly. You might also want to look at #780, which suggests to add the option to choose between long-lived and short-lived sessions.

@stonith404 commented on GitHub: I’m not sure this change makes sense. If we add a re-authentication prompt here, we should also require it for creating API keys and creating new users, since both actions can also give an attacker “infinite” access. That would make the flow quite annoying for legitimate users. If you’re concerned about this risk, a simpler approach is to lower the session duration so tokens expire quickly. You might also want to look at #780, which suggests to add the option to choose between long-lived and short-lived sessions.

OVERLORD commented 2025-10-06 23:58:02 +03:00

Author

Owner

Copy Link

@James18232 commented on GitHub:

Noted.

This could also be solved by having a setting to require reauthentication for pocket ID itself, not just for clients.

@James18232 commented on GitHub: Noted. This could also be solved by having a setting to require reauthentication for pocket ID itself, not just for clients.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

i18n_crowdin

breaking/v2

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id#4