Re: [Cosign-discuss] OTP based second factor

2014-10-14 Thread gavin . gray 
OK thank you for the update. We'd love to hear about it if you make any 
more progress.


many thanks,

Gavin

On Thu, 9 Oct 2014, Liam Hoekenga wrote:


Andrew Mortensen wrote a factor for the Duo Security service...
https://github.com/moretension/duo_cosign

It requires some patches that are not currently in the main branch.  I have
been working with Jorj Bauer at the Univesity of Pennsylvania to try
and correct that.

I believe that Penn also has a different HOTP/TOPT factor (tho I don't know
if it's a production service or not). UMich may be exploring this too.  We
were thinking about maybe using the PAM factor in addition with Google
authenticator, but have not begun any serious work towards that end

--
Liam Hoekenga
ITS Identify and Access Management 
University of Michigan 
li...@umich.edu

On Thursday, October 9, 2014, gavin.g...@ed.ac.uk wrote:
  Has anyone out there implemented second factor authentication
  using
  HOTP/TOTP based apps? If so would you be willing to share your
  experience?

  regards,

  Gavin Gray
  Edinburgh University Information Services
  Rm 2013 JCMB
  Kings Buildings
  Edinburgh
  EH9 3JZ
  UK
  tel +44 (0)131 650 5987
  email gavin.g...@ed.ac.uk

  --
  The University of Edinburgh is a charitable body, registered in
  Scotland, with registration number SC005336.

---
  ---
  Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
  Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS
  Reports
  Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White
  paper
  Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog
  Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311iu=/4140/ostg.clktr
  k
  ___
  Cosign-discuss mailing list
  Cosign-discuss@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/cosign-discuss





Gavin Gray
Edinburgh University Information Services
Rm 2013 JCMB
Kings Buildings
Edinburgh
EH9 3JZ
UK
tel +44 (0)131 650 5987
email gavin.g...@ed.ac.uk

--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.--
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://p.sf.net/sfu/Zoho___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss

Re: [Cosign-discuss] OTP based second factor

2014-10-09 Thread Liam Hoekenga 
Andrew Mortensen wrote a factor for the Duo Security service...

https://github.com/moretension/duo_cosign

It requires some patches that are not currently in the main branch.  I have
been working with Jorj Bauer at the Univesity of Pennsylvania to try
and correct that.

I believe that Penn also has a different HOTP/TOPT factor (tho I don't know
if it's a production service or not). UMich may be exploring this too.  We
were thinking about maybe using the PAM factor in addition with Google
authenticator, but have not begun any serious work towards that end

--
Liam Hoekenga
ITS Identify and Access Management
University of Michigan
li...@umich.edu

On Thursday, October 9, 2014, gavin.g...@ed.ac.uk wrote:

 Has anyone out there implemented second factor authentication using
 HOTP/TOTP based apps? If so would you be willing to share your experience?

 regards,

 Gavin Gray
 Edinburgh University Information Services
 Rm 2013 JCMB
 Kings Buildings
 Edinburgh
 EH9 3JZ
 UK
 tel +44 (0)131 650 5987
 email gavin.g...@ed.ac.uk javascript:;

 --
 The University of Edinburgh is a charitable body, registered in
 Scotland, with registration number SC005336.


 --
 Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
 Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
 Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
 Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer

 http://pubads.g.doubleclick.net/gampad/clk?id=154622311iu=/4140/ostg.clktrk
 ___
 Cosign-discuss mailing list
 Cosign-discuss@lists.sourceforge.net javascript:;
 https://lists.sourceforge.net/lists/listinfo/cosign-discuss

--
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311iu=/4140/ostg.clktrk___
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss