2 factor authentication
Toshio Kuratomi
a.badger at gmail.com
Thu Sep 5 19:22:16 UTC 2013
On Thu, Sep 05, 2013 at 08:57:33PM +0200, Till Maas wrote:
> On Thu, Sep 05, 2013 at 12:01:35PM -0500, Ian Weller wrote:
>
> > This is the same for a form that asks for password + token code, but a
> > simple password + token code field raises too many questions for someone
> > who is logging in to an application and has no idea what a token code
> > is.
>
> IMHO it would be nice if the password field can be used to enter both
> password and token code at once to make login less annoying for 2fa
> users and therefore more likely that it is used.
>
At least on the backend that will need to be supported. There are cases
where we'll want to run applications that we don't write ourselves that only
have a single field for password. For those situations, the backend will
have to be able to handle parsing a single password field for a combined
password+2fa.
I don't know if that needs to be expressed on the frontend but if it's
useful we might as well.
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20130905/b4bf227b/attachment.sig>
More information about the infrastructure
mailing list