I'm looking for further information on
https://fedorahosted.org/freeipa/ticket/4510 applicaiton specific
passwords. Has anyone had luck setting up OTP alongside app specific
passwords in FreeIPA directly.
Unfortunately, without having even rudimentary gui tools for the end user I
can't see OTP being useful. Many mail applications simply authenticate via
password each session and this would break those applications. Even worse
basic http authentication won't last the length of a session and will
expire after the auth window has elapsed for a given password.
The use case that I'm most frustrated with is my owncloud sync clients.
Owncloud on the desktop seems to setup an adequate user session such that I
haven't had to reauthenticate the client. The webdav viewer and the mobile
apps on the other hand both cause the user to immediately logout if they
use their otp to login (and potentially locks the user account based on too
many failed password attempts).
Any help on setting up OTP with app specific passwords on would be greatly
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project