mainOATH Toolkit - Support: sr #109259, Ability to use customized prompts

 
 

sr #109259: Ability to use customized prompts

Submitter:  None
Submitted:  Tue 14 Feb 2017 06:18:10 PM UTC
   
 
Category:  None Priority:  5 - Normal
Severity:  1 - Wish Status:  None
Privacy:  Public Assigned to:  None
Originator Email:  -email is unavailable- Open/Closed:  Open
Operating System:  GNU/Linux
* Mandatory Fields

Add a New Comment Rich Markup
   

Tue 14 Feb 2017 06:18:10 PM UTC, original submission:  

While the current prompt ("One-time password (OATH) for ...") is precise it would be nice to override this prompt with something more generic (such as "Validation Code:"). 

From a security standpoint this also provides an additional layer of information hiding.  While not providing any real security, a clean non-descript prompt does cover up the source of pam_oath.  This also allows for pam_oath to be dropped in as a replacement for Google Authenticator without any impact to end users (and the "why's the prompt different?" discussions).

Perhaps an additional variable that can be passed to pam_oath.so? (prompt="...")


Anonymous

 

(Note: upload size limit is set to 16384 kB, after insertion of the required escape characters.)

Attach Files:
   
   
Comment:
   

No files currently attached

 

Depends on the following items: None found

Items that depend on this one: None found

 

CC list is empty

 

There are 0 votes so far. Votes easily highlight which items people would like to see resolved in priority, independently of the priority of the item set by tracker managers.

Only logged-in users can vote.

 

No changes have been made to this item

Back to the top

Copyright © 2024 Free Software Foundation, Inc.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.
The Levitating, Meditating, Flute-playing Gnu logo is a GNU GPL'ed image provided by the Nevrax Design Team.
Page source code

Powered by Savane 3.14-8eb0.
Corresponding source code