oath-toolkit-help
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] [sr #109259] Ability to use customized prompts


From: anonymous
Subject: [OATH-Toolkit-help] [sr #109259] Ability to use customized prompts
Date: Tue, 14 Feb 2017 13:18:11 -0500 (EST)
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:48.0) Gecko/20100101 Firefox/48.0

URL:
  <http://savannah.nongnu.org/support/?109259>

                 Summary: Ability to use customized prompts
                 Project: OATH Toolkit
            Submitted by: None
            Submitted on: Tue 14 Feb 2017 06:18:10 PM UTC
                Category: None
                Priority: 5 - Normal
                Severity: 1 - Wish
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: GNU/Linux

    _______________________________________________________

Details:

While the current prompt ("One-time password (OATH) for ...") is precise it
would be nice to override this prompt with something more generic (such as
"Validation Code:").  

>From a security standpoint this also provides an additional layer of
information hiding.  While not providing any real security, a clean
non-descript prompt does cover up the source of pam_oath.  This also allows
for pam_oath to be dropped in as a replacement for Google Authenticator
without any impact to end users (and the "why's the prompt different?"
discussions).

Perhaps an additional variable that can be passed to pam_oath.so?
(prompt="...")






    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/support/?109259>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/




reply via email to

[Prev in Thread] Current Thread [Next in Thread]