Category: IdeasCategory: Two Factor Authorization

Two Factor Authorization
16 votes, 3.75 avg. rating (74% score)
Category: Added to Bug TrackerAdded to Bug Tracker
Michael Dance: Two Factor Authorization after log in to enhance the security and that the account holder is who they are. Optional per user, and if the root user is logging into a client, they have to enter theirs to get in if they have it enabled on their account.
SecurityTFATwo Factor Authorization
Dec 2, 2013, 5:24 pmBy: Michael Dance
  1. Jonathan Halewood: https://www.duosecurity.com/ is very good for this. Basic plan is free, and it scales very well for if you want LDAP integration or end user 2FA.
    December 12, 2013 at 3:48 pm
    Reply
    • Michael Dance: Ah I was looking at Googles: https://code.google.com/p/google-authenticator/ Blesta use it.
      December 13, 2013 at 11:49 am
      Reply
      • Jonathan Halewood: Yes! The Google product is also good. The only thing that concerned us when we deployed 2FA was that Google have in the past changed or withdrawn products leaving users "up the creek" as it were (Google Checkout being a prime example). Either way, once the concept/framework for a 2FA mechanism is placed into InterWorx, adapting it to a specific vendor's solution shouldn't be too hard as long as the base code is done right (which it will be - it's InterWorx!). The main thing for me would be the possibility of combining the 2FA model with LDAP - that would SERIOUSLY reduce administrative burden and tighten security for our staff accounts. Jon
        December 20, 2013 at 5:20 pm
        Reply

Leave a Reply
Surround code blocks with <pre>code</pre>

Your email address will not be published.

Submit an Idea

Please log in via one of the icons to the left. :)

Comments