| 1 |
On Mon, Oct 14, 2013 at 10:45:10PM +0200, Alan McKinnon wrote |
| 2 |
|
| 3 |
> Access to my backend network is two-factor - ssh keys and decent |
| 4 |
> passwords. |
| 5 |
|
| 6 |
That is *NOT* Two-factor authentication. See |
| 7 |
http://en.wikipedia.org/wiki/Multi-factor_authentication for the |
| 8 |
details. Executive summary... Two-factor authentication requires you to |
| 9 |
present two authentication factors each time. I.e. it's A *AND* B. |
| 10 |
Your setup is A *OR* B. The usual implimentations include 2 factors... |
| 11 |
1) userID+password |
| 12 |
2) a small credit-card-sized unit that generates random-looking |
| 13 |
multi-digit numbers that change every minute. |
| 14 |
|
| 15 |
In order to logon the user must enter both the userID+password combo |
| 16 |
*AND* the current number on the token card. |
| 17 |
|
| 18 |
-- |
| 19 |
Walter Dnes <waltdnes@××××××××.org> |
| 20 |
I don't run "desktop environments"; I run useful applications |
Archives