Freeradius and 2 Factor Authentication

Peter Lambrechtsen peter at crypt.nz
Fri Jun 3 00:22:47 CEST 2016


I've been looking at the TOTP open standard and there is a perl script
written for FreeRadius.
It's super easy to enroll the soft token on your phone by scanning the QR
code.

Plenty of clients across all mobile devices and you can get hard tokens if
that's your bag.

I really struggle why anyone would want to use anything else.
On Jun 3, 2016 9:38 AM, "Nick Owen" <owen.nick at gmail.com> wrote:

> On Thu, Jun 2, 2016 at 5:34 PM, Matthew Newton <mcn4 at leicester.ac.uk>
> wrote:
> > On Thu, Jun 02, 2016 at 04:57:57PM -0400, Arran Cudbard-Bell wrote:
> >> > Certificates do the job just as well.  Especially if they're
> encrypted.
> >>
> >> 3FA FTW!
> >
> > OpenVPN service I've run for years has certs with encrypted keys,
> > requires user logon, and shared key. Does that make it 4FA? :)
>
> I bet you could convince an PCI auditor that it was.  ;-)
>
>
>
> --
> --
> Nick Owen
> WiKID Systems, Inc.
> http://www.wikidsystems.com
> Commercial/Open Source Two-Factor Authentication
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list