Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make 2FA behave like most web apps #966

Closed
oparoz opened this issue May 26, 2016 · 2 comments
Closed

Make 2FA behave like most web apps #966

oparoz opened this issue May 26, 2016 · 2 comments

Comments

@oparoz
Copy link
Contributor

oparoz commented May 26, 2016

Maybe it's just the apps I use, but I've rarely seen web apps which ask to combine the OTP password with the local password in order to be authenticated. It's not very convenient, since the passwords are time based and we still have to type the local password after having typed the OTP one.

I suggest opnsense uses a 2-step authentication.

  1. Enter the local login+password
  2. Type in the OTP code
@AdSchellevis
Copy link
Member

@oparoz sorry, this is not going to happen, the authentication system is used across all components and most of them don't have other options then user/pass combinations.
The pin+pass combination is used in other vpn access systems as well.

@oparoz
Copy link
Contributor Author

oparoz commented May 26, 2016

Yeah, corporate VPN is the only place where I've seen this. Make sense since you want to use that for other components.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@oparoz @AdSchellevis