Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
It would be great to be able to set yubikey optional before assigned for specific roles, and yet still be able to allow(require) uid1 (specific roles, optionally) to log in with ONLY yubikey OTP and no password.
IMO, the current one-setting-fits-all of this otherwise great module is far too limiting and makes the solution inflexible.
Comments
Comment #1
Leeteq CreditAttribution: Leeteq commentedPS. In order to not have to change the default login block or login page, I imagine that with this feature request we could keep the red star indicating a required password field, but then hijack the response form if submitted with a valid yubikey for a role that is allowed to log in with only the OTP, then let the user enter without presenting the drupal error message about the missing, required password field.
This setting is mostly for admins, who should know/be informed about just that tweak, hence no real need to work around that part, IMO.