Hi, For the security Posibility to active "Two-factor authentication" for a ispconfig account (admin by exemple) To posibility - duosecurity - Yubikey Thanks
Yes that would be very nice! Maybe soft token could be used on etc. android tablet/phone like etc http://www.dynalogin.org/
What would you think of this: http://www.dynalogin.org/ I see the following benefits: - Self hosted (and self controlled) 2nd auth step - uses standards to support different hardware- and soft-tokens - comes with an android soft-token with sourcecode -> so you can brand it with your own logo - can act as OpenID provider -> Next Idea for ISPConfig: New Flag "Disable OpenID" to Mail Users and pass not-activated mail users to Dynalogin for authentication via OpenID. Could be done by including a subdomain 'id' to each zone which points to the DynaLogin-Server. So my OpenID URL would be http://id.customerdom.ain/theWeird
nearly done Hey all, I study a little bit the plugin structure and was able to create a two-factor authentication. But sadly I need a little bit help. If I manually add my secret and a var, which say if the user use a two-factor authentication, then everything works, but I'm not able to create the form (as I would like to have it) in ISPConfig3. So if there is someone who is able to create some forms with database entrys and updates then please PN me. I hope there will be a response soon, so that we can release the two-factor-authentication together. Greetings from Germany, Denny Note: There is also a picture which show the 2-factor-auth (don't worry - I use a special theme for my ispconfig)
Done! Hey there, I'm done with my work. I made a little video which shows how the plugin work. Enjoy it Link: http://www.youtube.com/watch?v=1YWcwxPN8VI Greetings from Germany, Denny
Hey, it's nice that you like it. But unfortunately it's not done yet and there are some little fixes outstanding. After I fix everything I'll search after some tester who'll implement it and test it. Is this process ok I'll give it away (and maybe it will implement in ISPConfig3 for the new version (if Till say it's good enough)) Best regards, Denny
I improved my addon a little bit. It now support some SMS Api to send the needed PIN in the beginning via SMS Provider/GSM-Modem.
Sorry for the late answer - had a lot to do I really don't know why it should specially support playsms. As it seems playsms is just a webapplication which sends the commands to the local connected gsm modem. The current addon just send the sms-command directly to the gsm moden - no wrapper (like playsms) is needed.
Do you ever released the source code? If not, and it's not developed anymore, can you send me your work and i'll finish it? cheers
FYI: Two-Factor Authentication Module is working with the newest ISPConfig Version (stand now 3.1.6), will be immediatly updated after new ispconfig releases and available to buy. If you're interested send me an Email (denny _at_ bortfeldt _dot_ net) with the subject "TFA".
