|
|
|
|
|
|
by bithive123
5062 days ago
|
|
|
I think the better advice is to completely decouple your authentication from your web app, and then add two-factor authentication to that. We use Kerberos/LDAP at work so are able to use CoSign to provide web SSO. I did a quick write-up about a service that I wrote which allows me to use Google Authenticator as an additional factor with CoSign: http://it.isevil.org/blog/2011/11/13/authentication-service-... Since it's just a Sinatra app, the web service could be used by other things. We also use it with FreeRADIUS so our users can use their second factor on the web and in their VPN client. |
|
|