How to provide two-factor authentication in Kubuntu without a phone

Is it possible to use two-factor authentication on a Linux laptop running Kubuntu 18.04 without using a phone at all? If so, how?

I'm able to authenticate on my phone without any particular difficulty. But when I log into Coinbase under Kubuntu, I'm asked for a 2-step verification code. Running Authenticator under Kubuntu, I'm asked for a provider (presumably Coinbase), an account name (presumably my account name at Coinbase), and a 2FA token. It seems that both Authenticator and Coinbase are asking for codes, and neither of them are providing codes. It's like trying to connect a male plug to another male plug.

I would guess that I'm making a major conceptual error -- but what?

4

2 Answers

Looks like Coinbase supports Yubikey. From :

Coinbase supports all WebAuthN / Fido2 standard security keys. An option for a security key is Yubico's yubikey.

See Using security keys

The Yubikey plugs into a USB port, emulates a keyboard, and produces a security code when touched. Should work with Kubuntu 18.04.

1

Another option is to use a password manager like KeePassXC that has a built-in 2FA function to create TOTP or "Time-Based One-Time Passwords". It allows you to store the secret you get from the service you set it up for, and then create a 2FA code whenever you need it, just like a Yubikey. The only difference is the secrets are stored on your PC (or whereever) in your password manager database, not on a hardware key. It's cheaper, but depending on your threat model may be less secure.

You only need to be sure the 2FA code you need is compatible - some sites use their own proprietary stuff. Anything that works with "Google Authenticator" is usually fine. Coinbase seems to do so.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like