Re: [Cosign-discuss] OTP based second factor

Thu, 09 Oct 2014 11:34:00 -0700 

Andrew Mortensen wrote a factor for the Duo Security service...

https://github.com/moretension/duo_cosign

It requires some patches that are not currently in the main branch.  I have
been working with Jorj Bauer at the Univesity of Pennsylvania to try
and correct that.

I believe that Penn also has a different HOTP/TOPT factor (tho I don't know
if it's a production service or not). UMich may be exploring this too.  We
were thinking about maybe using the PAM factor in addition with Google
authenticator, but have not begun any serious work towards that end

--
Liam Hoekenga
ITS Identify and Access Management
University of Michigan
li...@umich.edu

On Thursday, October 9, 2014, <gavin.g...@ed.ac.uk> wrote:

> Has anyone out there implemented second factor authentication using
> HOTP/TOTP based apps? If so would you be willing to share your experience?
>
> regards,
>
> Gavin Gray
> Edinburgh University Information Services
> Rm 2013 JCMB
> Kings Buildings
> Edinburgh
> EH9 3JZ
> UK
> tel +44 (0)131 650 5987
> email gavin.g...@ed.ac.uk <javascript:;>
>
> --
> The University of Edinburgh is a charitable body, registered in
> Scotland, with registration number SC005336.
>
>
> ------------------------------------------------------------------------------
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
>
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
> _______________________________________________
> Cosign-discuss mailing list
> Cosign-discuss@lists.sourceforge.net <javascript:;>
> https://lists.sourceforge.net/lists/listinfo/cosign-discuss
>

------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Reply via email to