Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unseal Vault using Android, or Iphone - Vault App #28073

Open
ji-podhead opened this issue Aug 14, 2024 · 0 comments
Open

Unseal Vault using Android, or Iphone - Vault App #28073

ji-podhead opened this issue Aug 14, 2024 · 0 comments
Labels
auth/okta core/auth feature-request

Comments

@ji-podhead
Copy link

Hi,

I currently have a non-HA Vault on my main machine, as I'm just building the automation of my infrastructure to make it HA. By that said, it sometimes distracts me, having the routine of getting the keys, starting the server, looking for my config, and unsealing. So, I asked myself: Why can't I just use my phone to decrypt the keys on the phone using the fingerprint (biometric authentication) as a security measure, in addition to 2FA (since you're using mobile anyway), and then make an API call from mobile to unseal the Vault?

so we have:

  • the keys stored and encrypted on the phone
    • pin and biometric authentication on the mobile side
  • 2factor for api call and other auth like approle token
  • login and push a button to unseal your portions

so you have to store your unseal keys somewhere, why not on your phone, but encrypted
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auth/okta core/auth feature-request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@divyaac @ji-podhead