[TYPO3-dev] Improving login security in TYPO3 (BE+FE)
Kay Strobach
typo3 at kay-strobach.de
Wed May 16 11:41:40 CEST 2012
Hello Dave,
as far as i know, this won't work with challenged passwords ...
Yubikey seems to use the same algorithm as google ;)
Regards
Kay
Am 16.05.2012 11:18, schrieb Dave Sexton:
> On Wed, 2012-05-16 at 09:35 +0200, Kay Strobach wrote:
>
>> thanks for testing soon, currently i search where to hook in to catch a
>> logged in user and show the form for the second step ;)
>>
>
> Are the tokens you are using of a fixed length? If so, there is an
> easier way. Have the user input their password immediately followed by
> the token code then split the input into the password and token within
> your auth service.
>
> I am looking at implementing an auth service for the Yubikey hardware
> token and that is the approach I will be taking.
>
> Dave
>
>
--
http://www.kay-strobach.de - Open Source Rocks
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
Answer was useful - feel free to donate:
-
https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=KPM9NAV73VDF2
- https://flattr.com/profile/kaystrobach
More information about the TYPO3-dev
mailing list