Hello Alex, On 12/11/2013 12:51 PM, Alex Band wrote:
2. Build an implementation for two-factor authentication for RIPE NCC Access, supporting at least: - HMAC-Based One-Time Password (HOTP) - Time-Based One-Time Password (TOTP)
Good idea, I completely agree. I would like to suggest you to investigate also the possiblity of a 2 layer access. For example, at this point I find it quite annoying that the the authentication times out after an hour (?) - especially when playing with low-impact stuff like RIPE Atlas. So requiring an OTP once an hour will be very inconvenient. A possible way: keep username/password for 'simple' services (ideally with a longer timeout), ask additionally for the OTP only when a more sensitive service is accessed (like lirportal). Best regards, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-1359 Luxembourg tel: (+352) 424409 fax: (+352) 422473