I have a security key app setup on my cell phone. However, I was thinking it would be nice to have something permanent that is always running that I can just glance over at when needed, it's also annoying when I get a new phone and have to go through the whole process of replacing the authorized security key app for a new device.

I notice on the security key page for my account, it just say I have one setup and that's it. I seem to recall that EAware sold a hard key, like people use for VPN access sometimes for work. It's just an always-on digital LCD display and runs on a coin cell battery. However, I don't see an option to buy one in the store, and as I said there's nothing else showing on the security key page for my account, presumably because I already have something setup. That's kind of annoying in and of itself because it would be nice to have multiple options. These kind of things operate simply by calculating a number that's valid for the current date and time within a few seconds window, so it seems to me if it's, say a CRC type calculation based on some secret key value, there should be no reason multiple key generators can't be linked. I'm wondering why SWTOR doesn't just get with the 2010's and use Google's universal key generator app, which I use for something like 15 different websites and apps.

Aside from that, it would be really nice if there was an SDK for this thing. I'm an engineer and could easily build my own low-power device like the key fob they sell, just need to be able to run it on uLinux or freeRTOS or just give me the code for (assuming it's something like PGP, AES, etc) generating a valid public key.

Options would be nice because, as I said, it's a pain dealing with getting a new phone, and going the hard key fob route means I have to carry it with me all the time (I typically only have my phone on me but not always; no set of keys at the ready, except usually in a drawer somewhere). I know people will knee-jerk with argumentative responses like accusing me of being lazy or something, or minimizing the (highly subjective) effort level by citing their own experience and apathy, but this is more about simplifying something that should be way simpler. I'm not at all arguing against 2FA, but this is the one website/service that's really behind the times IMO, and it seems to me it would be very easy to provide multiple (simultaneous) options for the security key.

I'm not asking for some mind-blowing miracle from the devs like, say, fixing the codex

They don't do the hard key anymore, although you can still get them in the collectors edition, but there's no guarantee it would still be working, or how long it would last. Personally I use winauth on my computer, so it's always there when I log in, I've never used the app for the phone, as I've a habit of losing the phone, or just not charging it. In fact my friends joke that they have to ring my wife's to get me, as it's impossible to reach me on mine...lol

There are other programs, I thought the google app could be used too, but not sure now...lol

They don't do the hard key anymore, although you can still get them in the collectors edition, but there's no guarantee it would still be working, or how long it would last. Personally I use winauth on my computer, so it's always there when I log in, I've never used the app for the phone, as I've a habit of losing the phone, or just not charging it. In fact my friends joke that they have to ring my wife's to get me, as it's impossible to reach me on mine...lol

 

There are other programs, I thought the google app could be used too, but not sure now...lol

Thanks. I had no idea. WinAuth is cool too, and I see google authenticator works too. Since winauth is open source, I wonder if theres a way to adapt the code to something linux based?

Thanks. I had no idea. WinAuth is cool too, and I see google authenticator works too. Since winauth is open source, I wonder if theres a way to adapt the code to something linux based?

Don't know myself, but we've some really tech savvy people here, so hopefully one of them could answer

Thanks. I had no idea. WinAuth is cool too, and I see google authenticator works too. Since winauth is open source, I wonder if theres a way to adapt the code to something linux based?

oathtool may work , as long as the app is totp IAW RFC6238 https://tools.ietf.org/html/rfc6238