Hy
Implementing an option of a two step authentication would be great.
I'm currently using a Yubikey and a LastPass combo with a strong password on my DS. It would be simpler to implement the same option into DS from the start.
Suggestion: Two step authentiaction
3 posts
• Page 1 of 1
Suggestion: Two step authentiaction
by gxs » Fri Jun 08, 2012 1:47 pm
- gxs
- I'm New!
- Posts: 4
- Joined: Wed Jun 06, 2012 8:17 am
Re: Suggestion: Two step authentiaction
by Jacq » Mon Aug 27, 2012 8:30 pm
I think the same, it will be nice to have a two step verification.
Using the mail to validate new clients could be the easier solution.
Also the new solution that implements dropbox http://mashable.com/2012/08/27/dropbox-two-step-verification/ by means of the google authenticator http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447 is quite interesting.
Anyway, in case of succesfull login, ¿is possible to automatically send a email to the admin with the source ip, login user...?, I couldn't find it, only the option to block the ip for incorrect login info.
Using the mail to validate new clients could be the easier solution.
Also the new solution that implements dropbox http://mashable.com/2012/08/27/dropbox-two-step-verification/ by means of the google authenticator http://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447 is quite interesting.
Anyway, in case of succesfull login, ¿is possible to automatically send a email to the admin with the source ip, login user...?, I couldn't find it, only the option to block the ip for incorrect login info.
- Jacq
- I'm New!
- Posts: 1
- Joined: Mon Aug 27, 2012 8:20 pm
Re: Suggestion: Two step authentiaction
by vuwuwuv » Fri Oct 12, 2012 11:47 am
Hi!
2-step authentication would be very welcome and useful. It adds another security layer where not only a traditional eavesdroppable username+password combination is necessary for login. It would also make brute forcing virtually impossible as adding the one-time password makes for ever-shifting correct login credentials.
Google has developed a PAM which goes hand in hand with authenicators on iOS, Android and Blackberry.
http://code.google.com/p/google-authenticator/
Please add it as a security option for logins through both the desktop, mobile web UIs and VPNs, it would be much appreciated!
VPN 2-step logins would be nice as well but difficult to implement on the client side at least on some less open mobile devices. As a workable-now solution, the Google authenticator and PAM combination can be used for supplying one-time passwords for use when opening up a VPN tunnel to the NAS. Since at least the non-jailbroken iOS VPN client implementation can only accept a username and password, it would be nice to be able to pass a password "salt" combined with a one-time authentication code from the google authentication as a VPN password to the Synology server.
E.g.
password "salt": €Et7/rD!,å stored in the VPN server on the NAS
On mobile device:
Google Authenticator generates 98347523
VPN client login on mobile device:
username: yourchoice
password: €Et7/rD!,å98347523
I only open up my firewall for inbound PPTP/OpenVPN so that would be much appreciated.
Thank you!
(not affiliated with Google in any way)
2-step authentication would be very welcome and useful. It adds another security layer where not only a traditional eavesdroppable username+password combination is necessary for login. It would also make brute forcing virtually impossible as adding the one-time password makes for ever-shifting correct login credentials.
Google has developed a PAM which goes hand in hand with authenicators on iOS, Android and Blackberry.
http://code.google.com/p/google-authenticator/
Please add it as a security option for logins through both the desktop, mobile web UIs and VPNs, it would be much appreciated!
VPN 2-step logins would be nice as well but difficult to implement on the client side at least on some less open mobile devices. As a workable-now solution, the Google authenticator and PAM combination can be used for supplying one-time passwords for use when opening up a VPN tunnel to the NAS. Since at least the non-jailbroken iOS VPN client implementation can only accept a username and password, it would be nice to be able to pass a password "salt" combined with a one-time authentication code from the google authentication as a VPN password to the Synology server.
E.g.
password "salt": €Et7/rD!,å stored in the VPN server on the NAS
On mobile device:
Google Authenticator generates 98347523
VPN client login on mobile device:
username: yourchoice
password: €Et7/rD!,å98347523
I only open up my firewall for inbound PPTP/OpenVPN so that would be much appreciated.
Thank you!
(not affiliated with Google in any way)
- vuwuwuv
- I'm New!
- Posts: 4
- Joined: Sat Jun 02, 2012 2:06 pm
3 posts
• Page 1 of 1
Return to Feature Requests & Product Improvement Suggestions
Who is online
Users browsing this forum: No registered users and 7 guests