Is this my solution

Recommend this page to a friend!

      multiOTP PHP class  >  All threads  >  Is this my solution  >  (Un) Subscribe thread alerts  
Subject:Is this my solution
Summary:Better authentication
Messages:3
Author:Wonderm00n
Date:2010-12-29 15:00:37
Update:2013-07-09 18:06:41
 

  1. Is this my solution   Reply   Report abuse  
Wonderm00n - 2010-12-29 15:00:37
Hi there,

I have a client for which i've developed a web app that has user/password bu he wants an extra layer of authentication.

Will I be able to use this class and harware tokens like this: http://www.ftsafe.com/products/OTP-C200.html to acheive this?

What must I ensure on the server system time?

Will any user that would be able to buy another harware token, not provided by my client, be able to login (if he knew the user/pass)?

The problem is that my client ONLY wants to let the users access the app from INSIDE his permisses (several all over the country) and not at home. So an hardware token would be available at the permisses in order the users be able to login with their account.

  2. Re: Is this my solution   Reply   Report abuse  
André Liechti - 2010-12-29 18:32:58 - In reply to message 1 from Wonderm00n
Hello,

Yes, you are right, the OTP-C200 will do the job. To be able to log in successfully, the seed of the token MUST BE authorized on the server side, each token (hardware like Feitian or software based) must be authorized on the server side.

Best regards,

André

  3. Re: Is this my solution   Reply   Report abuse  
André Liechti - 2013-07-09 18:06:41 - In reply to message 1 from Wonderm00n
Thanks,

Now the beta version of the version 4 is available on http://www.multiotp.net/

A lot of new functionalities, including QRcode generation (for Google Authenticator and compatible software token), MySQL backend, SMS token and other cool features are available.

Regards,

Andre

 

For more information send a message to info at phpclasses dot org.