appending OATH code to password?
David Woodhouse
dwmw2 at infradead.org
Sat Dec 19 01:16:12 PST 2015
On Fri, 2015-12-18 at 19:39 +0000, Daniel Lenski wrote:
> Daniel Lenski gmail.com> writes:
>
> >
> > Hi all,
> > I frequently connect to a VPN that uses TOTP-based 2FA. The TOTP code
> > *must* be entered by appending it to the user-entered password.
And I think I saw a Juniper authentication script which does this too.
I'm happy enough to add and option to do this.
> > I think it'd be useful to offer an option to customize the form field that
> > receives OATH or SecurID code, perhaps including the option to append the
> > token to another field.
This one is a bit more fun; this has always been a dodgy heuristic. Do
you have examples of where else we'd need to trigger it?
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20151219/6a8d958b/attachment.bin>
More information about the openconnect-devel
mailing list