Add YubiKey Support for Two-Factor Authentication on Firewalla

Follow

kiw33r

• October 26, 2025 06:56

Hi everyone, wouldn't it be fantastic if Firewalla could support YubiKeys for two-factor authentication? It would give our networks an even stronger layer of security and make it much harder for attackers to break in. I think it would be a great addition for anyone wanting to make their routers even more fortress-like!

1

• 

  Firewalla

  • October 26, 2025 22:57

  The app access itself is already protected by your phone. 

  Do you mean MSP support?

  0

  Comment actions Permalink
• 

  kiw33r

  • October 27, 2025 23:22

  I actually meant regular app or account access, not MSP.
  Even though access is protected by the phone, adding hardware-based two-factor authentication (like a YubiKey with FIDO2/U2F) would provide a significant extra security layer.

  If a phone gets compromised, intercepted, or a password manager is breached, a physical security key ensures that access still requires something only the legitimate user possesses.
  That’s the real value — it makes remote compromise practically impossible without physical access to the YubiKey.

  0

  Comment actions Permalink
• 

  matthew hoeper

  • November 17, 2025 16:29

  I also second this idea, also why not implement Face ID passkey support ? Both are useful in case someone gets phone and knows phone pin code

  1

  Comment actions Permalink
• 

  matthew hoeper

  • November 17, 2025 16:34

  Relying solely on phone pin code security is not reliable enough . Scratch what I said early about Face ID support, you can already force Face ID support by holding on apps and locking behind Face ID on iPhones

  2

  Comment actions Permalink
• 

  Andy brown

  • November 17, 2025 16:45

  Some form of two factor authentication for those who want it. Yubikey would get my vote.

  2

  Comment actions Permalink
• 

  matthew hoeper

  • November 17, 2025 16:47

  Only issue is YubiKey is when you lose them, you’re really screwed after that but I always have 3 at all times to make sure I always have access. For anyone reading this, please get more than 1

  2

  Comment actions Permalink
• 

  kiw33r

  • November 17, 2025 16:49

  When you use a yubikey you have also backupcodes. Correct me if I’m wrong.

  0

  Comment actions Permalink
• 

  matthew hoeper

  • November 17, 2025 16:50

  Or at the minimum standard 2FA that can get locked behind the YubiKey authentication app within the key. I use that whenever something doesn’t natively support the key itself. They’re super easy to use so I see a lot of people benefiting especially businesses.

  1

  Comment actions Permalink
• 

  Andy brown

  • November 17, 2025 18:18

  I have one I carry, my backup locked away in my fire proof box and another I just bought which I haven’t sorted out yet. I had one break, which is unusual, they replaced it immediately.

  1

  Comment actions Permalink
• 

  Brendan Harvey

  • December 28, 2025 02:34

  Would love to see hardware key locking/access. Firewalla is like fort knox...except the app....which can swiftly take the whole thing down from the inside :\ :\ :\

  0

  Comment actions Permalink
• 

  Michael Reeves

  • December 29, 2025 17:22
  • Edited

  Solution here for now is to use 2fa behind a FIDO2 usb key, like Google Authenticator or similar. These are only needed for Authenticator accounts.

  0

  Comment actions Permalink

Please sign in to leave a comment.