FireBrick OTP: Difference between revisions
Content deleted Content added
Added a clearer reference to how to log in with an OTP code and password |
m clean up, typos fixed: Event based → Event-based (2), 2 stage → 2-stage |
||
| Line 9: | Line 9: | ||
=Uses on a FireBrick= |
=Uses on a FireBrick= |
||
*More secure admin login to the FireBrick - user needs a password and the OTP |
*More secure admin login to the FireBrick - user needs a password and the OTP |
||
*Users can log in to the FireBrick to open up the firewall from their IP, as a 2 |
*Users can log in to the FireBrick to open up the firewall from their IP, as a 2-stage login process to your LAN |
||
*Have normal users with passwords for access to the FB from known IPs, but allow an OTP user to login to the FireBrick from any IP address. |
*Have normal users with passwords for access to the FB from known IPs, but allow an OTP user to login to the FireBrick from any IP address. |
||
| Line 18: | Line 18: | ||
There free apps available for iPhone, Nokia, Android etc. |
There free apps available for iPhone, Nokia, Android etc. |
||
(These listed apps are a little old now, there may be better ones available...) |
(These listed apps are a little old now, there may be better ones available...) |
||
*[https://itunes.apple.com/us/app/authenticator/id766157276?mt=8 Authenticator] is a free iPhone app (verified working with FireBrick |
*[https://itunes.apple.com/us/app/authenticator/id766157276?mt=8 Authenticator] is a free iPhone app (verified working with FireBrick 20 December 2016) |
||
*[http://itunes.apple.com/us/app/oath-token/id364017137?mt=8 OATH Token] is a free iPhone app - (there are others too) |
*[http://itunes.apple.com/us/app/oath-token/id364017137?mt=8 OATH Token] is a free iPhone app - (there are others too) |
||
*[http://www.ds3global.com/index.php?option=com_content&task=view&id=71 DS3 OATHDSSS] is an event-based OATH token for J2ME capable phones |
*[http://www.ds3global.com/index.php?option=com_content&task=view&id=71 DS3 OATHDSSS] is an event-based OATH token for J2ME capable phones |
||
| Line 27: | Line 27: | ||
*Secret - this is usually the base32 encoding of the HEX key which you enter into your FireBrick. (You could use [http://tomeko.net/online_tools/hex_to_base32.php?lang=en this] to do the conversion for you.] |
*Secret - this is usually the base32 encoding of the HEX key which you enter into your FireBrick. (You could use [http://tomeko.net/online_tools/hex_to_base32.php?lang=en this] to do the conversion for you.] |
||
*Digits - how many digits you want to use |
*Digits - how many digits you want to use |
||
*Interval - the time in seconds that the OTP changes, or set to Event |
*Interval - the time in seconds that the OTP changes, or set to Event-based. |
||
You can also use something like [http://dan.hersam.com/tools/gen-qr-code.html this] to generate a QR code for your app to scan. Use the following settings: |
You can also use something like [http://dan.hersam.com/tools/gen-qr-code.html this] to generate a QR code for your app to scan. Use the following settings: |
||
| Line 42: | Line 42: | ||
*Key - this is the HEX key that will be given to you from the OTP device. |
*Key - this is the HEX key that will be given to you from the OTP device. |
||
*Digits - how many digits the OTP device gives you. |
*Digits - how many digits the OTP device gives you. |
||
*Interval - the time in seconds that the OTP changes, or set to Event |
*Interval - the time in seconds that the OTP changes, or set to Event-based. |
||
*Validate - these are the 3 sequential values from the device - i.e., enter in the current value, wait for it to update, enter in the new value, and then the same for the third value. |
*Validate - these are the 3 sequential values from the device - i.e., enter in the current value, wait for it to update, enter in the new value, and then the same for the third value. |
||
Click update, and should be set. |
Click update, and should be set. |
||