Is your feature request related to a problem? Please describe.
First of all, thank you for this rock-solid authentication tool. Its enterprise-grade security and reliability are unmatched. However, as the number of 2FA-protected services grows for both professional and private users, the current UI faces a "cognitive bottleneck."
When managing a high volume of tokens—especially from the same organization—the current text-only list requires active reading rather than passive recognition. For example: A user might have multiple tokens for the SANS Institute (e.g., one for the main portal and a specific one for their Slack workspace). Even with custom labels, they look nearly identical at first glance. In fast-paced environments, this leads to unnecessary searching and potential friction.
Describe the solution you'd like
I propose a transition from "Text-Only Management" to "Visual Identity Management." This would drastically improve the Daily Life of users by implementing three key pillars:
-
Automated Visual Recognition (The "Favicon" Standard)
Following the Best Practice of modern password managers (like Apple Keychain or Bitwarden), the app should be able to automatically fetch a favicon.ico based on the URL/Issuer provided in the TOTP metadata.
Implementation: If a token is added for "Amazon" or "Microsoft," the app should optionally resolve the domain to display the corresponding brand icon.
Privacy-First Approach: To maintain privacyIDEA's core values, this should be an optional "Opt-In" feature. A toggle in the settings could allow users to enable "Automatic Icon Fetching," ensuring that no data is leaked to external servers unless the user explicitly chooses the convenience of visual aids.
-
Manual Icon & Label Overrides
For internal corporate systems (like a specific "MultiCash 5" installation) where no public Favicon exists, users should be able to:
Manually upload or select an icon.
Fully override labels to match the specific application they see on their screen, creating a 1:1 visual link between the login prompt and the Authenticator app.
-
Visual Differentiation through Color Coding
Even without icons, allowing users to assign subtle accent colors to token entries would help distinguish between similar accounts (e.g., separating "Development," "Staging," and "Production" environments of the same service).
Why this matters for privacyIDEA's growth:
By integrating these "Quality of Life" features, privacyIDEA can bridge the gap between a high-security backend and a modern, intuitive frontend.
Adoption: It makes the app significantly more attractive to "Prosumers" and private users.
Usability: Visual pattern recognition is cognitively faster than reading text. Seeing a logo allows for immediate action.
Market Position: Implementing automated icon fetching (with a focus on data parsimony) would put the pi-authenticator on par with "Hyper-Scaler" solutions while maintaining its superior privacy standards.
Describe alternatives you've considered
Static text labels are a solid foundation but do not scale for power users with 20+ tokens. Manual-only icon management is a good first step, but the automated Favicon-approach is the current industry benchmark for UX.
Additional context
Imagine opening the app and instantly identifying the SANS-Slack token by its icon and the MultiCash 5 token by its specific logo. You don't need to read; you just tap. This level of UX, combined with your enterprise-grade security, would make the pi-authenticator the gold standard for all user groups.
Is your feature request related to a problem? Please describe.
First of all, thank you for this rock-solid authentication tool. Its enterprise-grade security and reliability are unmatched. However, as the number of 2FA-protected services grows for both professional and private users, the current UI faces a "cognitive bottleneck."
When managing a high volume of tokens—especially from the same organization—the current text-only list requires active reading rather than passive recognition. For example: A user might have multiple tokens for the SANS Institute (e.g., one for the main portal and a specific one for their Slack workspace). Even with custom labels, they look nearly identical at first glance. In fast-paced environments, this leads to unnecessary searching and potential friction.
Describe the solution you'd like
I propose a transition from "Text-Only Management" to "Visual Identity Management." This would drastically improve the Daily Life of users by implementing three key pillars:
Automated Visual Recognition (The "Favicon" Standard)
Following the Best Practice of modern password managers (like Apple Keychain or Bitwarden), the app should be able to automatically fetch a favicon.ico based on the URL/Issuer provided in the TOTP metadata.
Implementation: If a token is added for "Amazon" or "Microsoft," the app should optionally resolve the domain to display the corresponding brand icon.
Privacy-First Approach: To maintain privacyIDEA's core values, this should be an optional "Opt-In" feature. A toggle in the settings could allow users to enable "Automatic Icon Fetching," ensuring that no data is leaked to external servers unless the user explicitly chooses the convenience of visual aids.
Manual Icon & Label Overrides
For internal corporate systems (like a specific "MultiCash 5" installation) where no public Favicon exists, users should be able to:
Manually upload or select an icon.
Fully override labels to match the specific application they see on their screen, creating a 1:1 visual link between the login prompt and the Authenticator app.
Visual Differentiation through Color Coding
Even without icons, allowing users to assign subtle accent colors to token entries would help distinguish between similar accounts (e.g., separating "Development," "Staging," and "Production" environments of the same service).
Why this matters for privacyIDEA's growth:
By integrating these "Quality of Life" features, privacyIDEA can bridge the gap between a high-security backend and a modern, intuitive frontend.
Describe alternatives you've considered
Static text labels are a solid foundation but do not scale for power users with 20+ tokens. Manual-only icon management is a good first step, but the automated Favicon-approach is the current industry benchmark for UX.
Additional context
Imagine opening the app and instantly identifying the SANS-Slack token by its icon and the MultiCash 5 token by its specific logo. You don't need to read; you just tap. This level of UX, combined with your enterprise-grade security, would make the pi-authenticator the gold standard for all user groups.