[Otpasswd-talk] User state information & OOB usage

otpasswd-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Otpasswd-talk] User state information & OOB usage

From:	Hannes Beinert
Subject:	[Otpasswd-talk] User state information & OOB usage
Date:	Tue, 5 Jan 2010 00:08:15 -0600

Tomasz,

I noticed that you had a timestamp field for the last OOB channel use.
 Where is the passcode kept?  Or is the idea that the PAM module get
that passcode directly, and that it's stored in the process context?

The latter assumes that one is able to wait at a passcode prompt until
the OOB channel actually manages to deliver the passcode.  That's
probably a decent bet, nowadays, I suppose.  But if that delay time
gets too large, it could be inconvenient.

Another way to go about this is to use the login prompt (and/or a
website) to prompt the transmission of the passcode to the user.
Meanwhile, that passcode would be stuffed into the user state file
with the timestamp.  Then, next time a login happens, if it's within
the time window set by policy, the user would use that passcode to
authenticate.

Just thinking aloud.

Hannes.

[Prev in Thread]

Current Thread

[Next in Thread]

[Otpasswd-talk] User state information & OOB usage, Hannes Beinert <=
- Re: [Otpasswd-talk] User state information & OOB usage, Tomasz bla Fortuna, 2010/01/05
  - Re: [Otpasswd-talk] User state information & OOB usage, Hannes Beinert, 2010/01/05
    - Message not available
    - Re: [Otpasswd-talk] User state information & OOB usage, Hannes Beinert, 2010/01/06

Prev by Date: Re: [Otpasswd-talk] Changes in code and documentation. ;-)
Next by Date: [Otpasswd-talk] More observations
Previous by thread: [Otpasswd-talk] Some questions
Next by thread: Re: [Otpasswd-talk] User state information & OOB usage
Index(es):
- Date
- Thread