Suggestion: Two step authentiaction

Discuss with the community any ideas you'd love to see in future DiskStations and DSM updates! We do our best to monitor and forward all of them, but we recommend to also use this form as our team will systematically see your suggestion: ... y/feedback
Forum rules
We do our best to monitor and forward your ideas to our team, but due to the large amount, we may not see every single one and recommend to also use this form as our team will systematically see your suggestion: ... y/feedback
I'm New!
I'm New!
Posts: 6
Joined: Wed Jun 06, 2012 8:17 am

Suggestion: Two step authentiaction

Postby gxs » Fri Jun 08, 2012 1:47 pm


Implementing an option of a two step authentication would be great.
I'm currently using a Yubikey and a LastPass combo with a strong password on my DS. It would be simpler to implement the same option into DS from the start.
Posts: 12
Joined: Mon Aug 27, 2012 8:20 pm

Re: Suggestion: Two step authentiaction

Postby Jacq » Mon Aug 27, 2012 8:30 pm

I think the same, it will be nice to have a two step verification.
Using the mail to validate new clients could be the easier solution.
Also the new solution that implements dropbox by means of the google authenticator is quite interesting.

Anyway, in case of succesfull login, ¿is possible to automatically send a email to the admin with the source ip, login user...?, I couldn't find it, only the option to block the ip for incorrect login info.
Posts: 13
Joined: Sat Jun 02, 2012 2:06 pm

Re: Suggestion: Two step authentiaction

Postby vuwuwuv » Fri Oct 12, 2012 11:47 am


2-step authentication would be very welcome and useful. It adds another security layer where not only a traditional eavesdroppable username+password combination is necessary for login. It would also make brute forcing virtually impossible as adding the one-time password makes for ever-shifting correct login credentials.

Google has developed a PAM which goes hand in hand with authenicators on iOS, Android and Blackberry.

Please add it as a security option for logins through both the desktop, mobile web UIs and VPNs, it would be much appreciated!

VPN 2-step logins would be nice as well but difficult to implement on the client side at least on some less open mobile devices. As a workable-now solution, the Google authenticator and PAM combination can be used for supplying one-time passwords for use when opening up a VPN tunnel to the NAS. Since at least the non-jailbroken iOS VPN client implementation can only accept a username and password, it would be nice to be able to pass a password "salt" combined with a one-time authentication code from the google authentication as a VPN password to the Synology server.

password "salt": €Et7/rD!,å stored in the VPN server on the NAS

On mobile device:
Google Authenticator generates 98347523

VPN client login on mobile device:
username: yourchoice
password: €Et7/rD!,å98347523

I only open up my firewall for inbound PPTP/OpenVPN so that would be much appreciated.

Thank you!

(not affiliated with Google in any way)
User avatar
I'm New!
I'm New!
Posts: 2
Joined: Sun Sep 08, 2013 4:07 pm
Location: The Netherlands

Re: Suggestion: Two step authentiaction - YubiKey Nano

Postby Hulky42 » Fri Mar 04, 2016 2:30 pm

Hi Synology Development,

A few months ago I bought two Yubico "[url]]" USB Keys because I believe in strong authentication, Open Standards and OpenSource. So far, there is only (a growing) limited support by other OpenSource products. Waiting also for Mozilla Firefox and Thunderbird support.

Maybe there can be a differentiation made by Synology Development to apply the YubiKey authentication by default for access via the Internet only and have Local Network access, where the Synology NAS is located, accessed by the traditional way, without the YubiKey?

Thanks in advance, Regards!
"Lean & Clean"

Return to “Feature Requests & Product Improvement Suggestions”

Who is online

Users browsing this forum: No registered users and 7 guests