On Thu, Feb 14, 2013 at 7:11 AM, Paul Libbrecht <[email protected]> wrote:
> The two stage tokens is the underlying way it works in OAuth, I'm not > saying it's the way you intend it. > Please explain or give references. > > Paul I think we are at cross purposes, I mean a token as a hardware device such as an RSA fob, or softphone application such as Google Authenticator, a "device" that provides the "something your have". To provide two examples For me to login to gmail, I enter my username and password, and I am then prompted to enter the six digit authentication code from Google Authenticator running on my phone. For me to login to a specific VPN, I enter a username, password and code displayed on an RSA fob. Cheers _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
