[TYPO3-dev] Improving login security in TYPO3 (BE+FE)
Dave Sexton
list-typo3 at jack.org.uk
Wed May 16 11:18:49 CEST 2012
On Wed, 2012-05-16 at 09:35 +0200, Kay Strobach wrote:
> thanks for testing soon, currently i search where to hook in to catch a
> logged in user and show the form for the second step ;)
>
Are the tokens you are using of a fixed length? If so, there is an
easier way. Have the user input their password immediately followed by
the token code then split the input into the password and token within
your auth service.
I am looking at implementing an auth service for the Yubikey hardware
token and that is the approach I will be taking.
Dave
More information about the TYPO3-dev
mailing list