Add support for FIDO2/WebAuthn to the Management Web Console

I would like to see the ability to use FIDO2 hardware tokens (For example, a YubiKey) when logging into the Pi-Hole Web console. Would prefer the Passwordless option with PIN, but would be happy with any olne of the FIDO2 modes.

Info and libraries can be found here:

A nice tutorial is here: WebAuthn Developer Guide


What is the use case here? A Pi-Hole is normally running within the protection of your LAN, where you control LAN access.

Yes, Physical (and Logical) access to a Pi-Hole instance can be managed, but given todays Hacking landscape, having MFA is always a good thing. In addition, I am sure a pretty large number of Pi-Hole users have some kind of VPN or other hole punched in the firewall.

The used case is to protect login to the Web console. This will keep bad guys out of the configuration sections.

1 Like

Closing as a (more specific) duplicate to