[pve-devel] Two-Factor Authentication
Eric Blevins
ericlb100 at gmail.com
Thu Jun 19 19:24:47 CEST 2014
> Interesting, but what happens if yubiko network is down?
Users can setup their own authentication server for yubikeys if that
is a concern.
I'd rather be locked out of my console during an authentication server
outage than have all of my data deleted when my password is
compromised.
There are also other ways to implement two-factor authentication such
as OATH TOTP (Google Authenticator) which is supported by many
applications.
The trend seems to be using apps or smartphones to implement TOTP.
Malware will just start stealing the keys from phones making that
method useless.
Ideally Proxmox would implement Yubikeys and OATH TOTP as two-factor
authentication options.
Yubikey: API is down, your locked out
OATH TOTP: Clocks out of sync, your locked out
More information about the pve-devel
mailing list