| 1 |
Am Wednesday 17 September 2008 15:04:19 schrieb Alan McKinnon: |
| 2 |
> I had thought of that, but I'm shying away from it - the admin load of |
| 3 |
> supporting that many user passwords is crippling. The users forget their |
| 4 |
> passwords or share them and write them on stciky notes... |
| 5 |
|
| 6 |
What about one-time-passwords? In addition to a user-supplied SSH-key (whether |
| 7 |
encrypted or not)? There's J2ME-software (i.e., installable on pretty much |
| 8 |
any "normal" mobile phone) to compute OTPs for users, so you don't even need |
| 9 |
additional hardware such as RSA-Tokens, and there's no (noticeable) |
| 10 |
administration-overhead. |
| 11 |
|
| 12 |
Some intro on this which I just found on google which uses opie: |
| 13 |
|
| 14 |
http://www.heise-online.co.uk/security/One-time-passwords-for-home-users--/features/88570 |
| 15 |
|
| 16 |
-- |
| 17 |
Heiko Wundram |
Archives