[TYPO3-dev] Improving login security in TYPO3 (BE+FE)
Kay Strobach
typo3 at kay-strobach.de
Wed May 16 12:11:26 CEST 2012
Even more info can be found here:
http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447
same in german ;)
http://support.google.com/accounts/bin/answer.py?hl=de&answer=1066447
Regards
Kay
Am 16.05.2012 11:44, schrieb Kay Strobach:
> Am 16.05.2012 11:06, schrieb Jigal van Hemert:
>> Hi,
>>
>> On 15-5-2012 16:59, Kay Strobach wrote:
>>> perhaps you know google authenticator (a software token generator).
>>
>> Can you give a summary for those who are not familiar with it? If you
>> explain the idea you might get more response.
>>
>
> Hello Jigal,
>
> for sure.
>
> Basicly it's about a two factor authentification:
>
> (JS Example, for security reasons not for production use):
>
> http://jsfiddle.net/russau/uRCTk/
>
> This way the user will be asked for his normal password and an
> additional onetime token, which can be generated with nearly every
> smartphone on the market (iOs, Android, Windows Phone)
>
> To achieve that my prototype hooks into
>
> $TYPO3_CONF_VARS['SC_OPTIONS']['t3lib/class.t3lib_userauth.php']['postUserLookUp'][]
>
> and locks the backend until the onetime token is inserted correctly.
>
> Regards
> Kay
>
--
http://www.kay-strobach.de - Open Source Rocks
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
Answer was useful - feel free to donate:
-
https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=KPM9NAV73VDF2
- https://flattr.com/profile/kaystrobach
More information about the TYPO3-dev
mailing list