How Authy Built A Fault-Tolerant Two-Factor Authentication Service (blog.leanstack.io)
35 points by ngrandy 4586 days ago
2 comments

Hi Daniel from Authy here. I helped with the design of this infrastructure last year and I was a little shocked we weren't able to do automatic fail-over with PostgreSQL.

I'd be interested to know if anyone here is running a Postgres pool that handles automatic fail-over: how are you doing it? Specifically, which watch-dog are you using, how are they handling slave-to-master promotion, how do you add more slaves automatically, and how do you load-balance?

Sorry, this is not a reply, but I second that motion. I'm currently involved in a project with a pretty big Postgres DB, but we haven't been able to find good literature about high availability deployments. It also seems like all solutions are third party software, most of which lack proper documentation or haven't been updated in a long time.
Just my $0.02:

OpenVPN has a built-in 2-factor authentication based on X509 certificates: you need to have a valid certificate together with a valid password to connect to the VPN service. SMS/phone based authentication does not add another factor since it is also a "what you have" type of authentication (i.e. your laptop can be stolen at exactly the same time as your phone is stolen). Of course, X509 certificates work best in the enterprise environment, but that's the OpenVPN target market anyway.

Given that it's possible to memorize a certificate, it definitely cannot be a 'something you have' factor. Something you have is more than just data. A client cert is nothing more than a fancy long password.

The base64-encoded SSL certificate for *.ycombinator.com is 1,755 characters. Maybe there are a few savants in the world who are capable of memorizing that, but for the overwhelming majority of human beings, it's never going to happen.

Point is, it's information. It's very easily copied. The whole point of 'something you have' is that it's not just data, but something more than that.

By that argument, no physical tokens (SecurID, YubiKey, etc.) add another factor - they also _could_ be stolen at the same time as your laptop is stolen.

You are absolutely correct :) If you already have a certificate on your laptop, or SMS based authentication, then adding a SecurID token will not change the security profile of the system. Yes, you might get extra security protection if you employ additional measures (e.g. store the SecurID token in the office safe at all times), but the attack vectors will still be the same.

There are different authentication factors: what you know (e.g. password), what you have (e.g. token), and who you are (e.g. iris scans). In general, adding multiple types of the same factor does not actually increase the security (e.g. having password + PIN is not really better than just having a password). Actual multi-factor authentication should include different factors to protect against different attack vectors.

There is, though, a difference between stealing my laptop, my phone, and my keyring. Sure, a targeted attack by a nation state aiming to get access to my multi-factor-auth services could grab all three at once, but the chance of an opportunistic theft acquiring any two or all three of those devices is _very_ much smaller than just the laptop.