Re: Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP
[Andrew Pollock] * Package name: libpam-barada Description : PAM module to provide two-factor authentication based on HOTP I would suggest that the PAM architecture is better suited to providing only _one_ factor of authentication per plugin. Does this module really implement two factors? If not, you probably shouldn't claim that it does. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP
Peter Samuelson pe...@p12n.org writes: [Andrew Pollock] * Package name: libpam-barada Description : PAM module to provide two-factor authentication based on HOTP I would suggest that the PAM architecture is better suited to providing only _one_ factor of authentication per plugin. Does this module really implement two factors? If not, you probably shouldn't claim that it does. I don't know about this module in particular, but it's certainly possible for a PAM module to provide a system interface for a two-factor authentication system. For example, use of a hardware smart card plus a pass code is a two-factor authentication system, and if the PAM module prompts the user to enter the smart card, prompts for the pass code, and then uses the libraries to verify the pass code and the smart card, that's a two-factor authentication system implemented in a PAM module. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP
Package: wnpp Severity: wishlist Owner: Andrew Pollock apoll...@debian.org * Package name: libpam-barada Version : 0.4 Upstream Author : Moxie Marlinspike mo...@thoughtcrime.org * URL : http://barada.sourceforge.net/ * License : GPL Programming Lang: C++ Description : PAM module to provide two-factor authentication based on HOTP Use HOTP (RFC4226) two-factor authentication with PAM. . In addition to a normal password, users are also assigned a 128 bit key and arbitrary-length PIN number. Every time you'd like to login using a OTP, you calculate a secure hash based on your assigned PIN and an increasing counter, the result of which is a six character one time password. . While this module could be used in conjunction with many different client devices, it was written specifically with Android devices in mind. There is companion software which runs on Android, so that your phone essentially becomes a SecureID token. All you need to do is open up the software, type in your PIN, and you get back a 6-character number that you can use to login to your system. -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org