6.0.0-beta6
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
4/10/26
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#11076] One Time Password Module Implementation - request for comment
*
Your Email Address
*
Spam protection
Enter the letters below:
.__ . ..___..___.\ / [ __\ / _/ _/ >< [_./ \/ ./__../__./ \
Comment
> Dear Dev-Team, > > as announced in #10980, I am trying to provide a first version of a > hash-chain implementation for one time passwords. This is my personal > reason why I would need the Dual_Auth module described previously. > Nevertheless the modules are both fully functional on their own. > > With this otp module a user can log in to horde with another password > every time and thus protect his credentials if he has to log in from > an untrusted location such as an airport internet terminal. > > ATM this uses the same table as Auth_Sql (horde_users) with two > additional fields. If requested this can of course be changed to use > its own table. > ALTER TABLE `horde_users` ADD `hash_chain_pwd` VARCHAR( 60 ) NOT NULL > ALTER TABLE `horde_users` ADD `hash_chain_index` INT( 50 ) NOT NULL > > I am posting this at this state mainly to get feedback on the idea > and the implementation. I am by all means willing to improve it from > a security, architectural, or even style point of view. > > Further additions in terms of support in the passwd application, > warnings when the password list runs empty and integration in the > configuration page are planned if this is of common interest. > > Any comment is appreciated. > Best regards, > Carl
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers