I'm primarily a
User Developer Sysadmin A mixture Something else entirely .. ( 515 votes ~ 10 comments )
You are not currently logged in. If you do not have a user account then please consider creating one and logging in before you post your comment. This will allow you to track replies to your comment, and take part in the site much more freely.
To add your comment, fill in all the boxes below and then preview it to make sure you're happy with the way that it looks.
This is the comment you were replying to, attached to the article Implementing cost effective dual factor authentication:
#1 Re: Implementing cost effective dual factor authentication Posted by Anonymous (128.143.xx.xx) on Tue 20 Mar 2007 at 20:34 Sounds like a great setup and seems very similar to my own except for choice of packages. I utilized OTPGen on the phone side (http://marcin.studio4plus.com/en/otpgen/index.html) and OPIE which has the advantage of being in apt. Configuration is equivilent to what you describe but the security in this system is based off of the hash of a secret (RFC 2289) rather than the current time plus a secret. Dual factor authentication is fantastic, I no longer have to be carrying around an ssh private key if I want to ssh in to my machines (I've been the subject of an ssh brute forcing attempt in the past like I'm sure most here). Will
Posting Format:
Inappropriate comments will be removed.
Some help on entry formatting is available
Username:
Password:
[ Advanced Login ]
Register Account
