user-otp icon indicating copy to clipboard operation
user-otp copied to clipboard

Published 20 hours ago verified publisher icon loki36

Two factor auth with additional PW

Open s24195 opened this issue 10 years ago • 0 comments

Hi,

so far I have been using the Yubikey OTP plugin, but wanted to switch to your implementation because of google Authenticator.

I want to use it in the real "Two-factor mode". In my opinion there is a design lack in your implementation.

Suppose you have a keylogger on your system and it records the PW then you can easily use it to authenticate via webdav etc, just strip of the OTP! Therefore the two-factor setup only makes sense if there is the possibility/must to set an additional PW that will only work in conjunction with the OTP.

In case that you alter this issue I guess you will have troubles with the encryption app. Not sure how this could be solved!

Anyways thank you for this app and I hope to see some improvements soon.

s24195 avatar Dec 30 '14 19:12 s24195