[wplug-internet] Two-factor authentication
Justin Smith
justin at adminix.net
Tue Feb 10 15:37:16 EST 2015
I'm currently working with Joe to implement two-factor authentication via
oath on Haiku's OpenSUSE servers. If you attended January's GUM, you'll
recognize that this is the topic Pat presented on. I used his slides as a
guide. (Thanks, Pat!)
Since I now understand how to install and configure oath, I'd be willing to
set it up on WPLUG's VPS. We store people's personal information - their
names, addresses, and so on - so I think the added security would be an
asset.
This would require everyone with a user account to have a smartphone
with a properly-configured OTP application in order to log in. However, we
can make exceptions where appropriate. If John Doe doesn't own a
smartphone, we can turn off two-factor authentication for his account.
Is this an idea worth pursuing? I'd be willing to set up oath and create a
short tutorial.
*Justin Smith*
GNU/Linux System Administrator
/"Nothing in this world can take the place of persistence. Talent will not;
nothing is more common than unsuccessful people with talent. Genius will
not; unrewarded genius is almost a proverb. Education will not; the world is
full of educated derelicts."/
/-Calvin Coolidge/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.wplug.org/pipermail/wplug-internet/attachments/20150210/6893ed8b/attachment.html>
More information about the wplug-internet
mailing list