1 |
Am Wednesday 17 September 2008 15:04:19 schrieb Alan McKinnon: |
2 |
> I had thought of that, but I'm shying away from it - the admin load of |
3 |
> supporting that many user passwords is crippling. The users forget their |
4 |
> passwords or share them and write them on stciky notes... |
5 |
|
6 |
What about one-time-passwords? In addition to a user-supplied SSH-key (whether |
7 |
encrypted or not)? There's J2ME-software (i.e., installable on pretty much |
8 |
any "normal" mobile phone) to compute OTPs for users, so you don't even need |
9 |
additional hardware such as RSA-Tokens, and there's no (noticeable) |
10 |
administration-overhead. |
11 |
|
12 |
Some intro on this which I just found on google which uses opie: |
13 |
|
14 |
http://www.heise-online.co.uk/security/One-time-passwords-for-home-users--/features/88570 |
15 |
|
16 |
-- |
17 |
Heiko Wundram |