google authenticator and commercial otp

Michael A Hawkins mhawkins.consultant at gmail.com
Wed Sep 23 18:39:04 CEST 2015


Alan said, "There are a number of commercial ones which work.  The
google authenticator also works."

Commercial means I usually (almost always) can't use my own tokens
sourced from my own token supplier. I liked it that otpd allowed me to
source tokens from wherever I wanted. All I needed was a supplier with a
cost effective token and a supplier willing to supply me with the seeds
too. Commercial suppliers usually lock you into their tokens, their
servers, their solution or all of the above.

google authenticator doesn't fit in my wallet. I've always believed that
the least likely item to be lost or misplaced by a user is their own
wallet. Cell phones, not so much. A users wallet contains stuff that is
far more important than a cell phone. Cell phones get lost, stolen far
more often than wallets.

If rlm_otp is to be removed. Against which module would I rewrite otpd
so that it could continue to work with freeradius? From googling, it
looks like alot of other otpd solutions out there use a perl module to
interact with freeradius. Is that the only way? Is there a better way?

Thanks again,

Mike






More information about the Freeradius-Users mailing list