Re: Support OTP
[Date Prev][Date Next] [Thread Prev][Thread Next]Re: Support OTP
- From: Michael Ströder <michael [at] stroeder.com>
- To: Arthur de Jong <arthur [at] arthurdejong.org>, nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: Support OTP
- Date: Sun, 10 Mar 2019 22:19:08 +0100
On 3/10/19 4:25 PM, Arthur de Jong wrote: > On Thu, 2019-03-07 at 11:22 -0500, Dave Macias wrote: >> Any thoughts of including otp ? >> >> https://symas.com/two-factor-authentication-everywhere/ >> https://github.com/openldap/openldap/tree/master/contrib/slapd-modules/passwd/totp > > If I read it correctly, both solutions replace the password > authentication that is done by OpenLDAP with OATH TOTP or HOTP > authentication. In the first link it's said: "..they can use the token to log in alongside their usual password." From my understanding the user's password and the OTP is entered as password for LDAP simple bind request. Same solution like my OATH-LDAP (and actually Symas is using OATH-LDAP's schema for that). > In that sense it is still not two-factor authentication (there is still > one factor but it is not a password). That's only true for contrib/slapd-modules/passwd/totp. > I think both solutions should already be compatible with nss-pam-ldapd > because they both support authentication using the BIND operation. Yes. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- To unsubscribe send an email to nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see https://lists.arthurdejong.org/nss-pam-ldapd-users/
- Support OTP,
Dave Macias
- Re: Support OTP,
Arthur de Jong
- Re: Support OTP, Michael Ströder
- Re: Support OTP, twb-nss-pam-ldapd-users
- Re: Support OTP,
Arthur de Jong
- Prev by Date: Re: pam password changing
- Next by Date: Re: Support OTP
- Previous by thread: Re: Support OTP
- Next by thread: Re: Support OTP