[Typo3-dev] Authentication through "Security-Question/Answer"?
Christian Trabold
trabold at mehrwert.de
Fri Jul 29 12:32:04 CEST 2005
Hello!
>>>And can you explain why a login/pwd pair is not enough? Three tokens to
>>>remember (ok everybody should know his surname) seems to be quite a
>>>hassle.
>>>
>>
>>Because three tokens are desired in this case. And judging by what I have
>>seen so far, I will not be suprised if people desire more sophisticated
>>auth in the near future (Think of LDAP (supported),S/Key,
>>Kerberos,PAM,stream of cypherstuff flowing from RSA,etc.).
>
>
> Well, I think you can do PAM authentication with some wrappers provided that
> all you need is a login/pwd pair for credentials.
>
> If you need a two step user interaction (user enters first part of
> credentials [username], server sends phrase, users enters second part
> [answer]) you need a custom login form extension. And I don't think this
> will fit well in the TYPO3 authentication layer as it expects this login/pwd
> pair. But perhaps you can fake it and do the real authentication in the
> plugin and have some token to be passed on a special authentication service
> that does no real authentication but just checks for this token.
First: Thanks for your answers! They really helped getting a clue on
that topic.
I'm currently working on a solution and I will keep you informed if it
works ;)
I hope I can post the solution very soooon :)
Greetings,
Christian
More information about the TYPO3-dev
mailing list