Actions
Feature #50
openFeature #49: add PAM module
add support for offline tokens
Start date:
05 July 2015
Due date:
% Done:
70%
Estimated time:
Description
a token should be markable as being allowed to be used for offline logins.
- to improve security against offline attacks (e.g. a stolen notebook) tokens should only be saved encrypted
- another idea would be to use another (offline) secret when doing offline logins. * this requires special support within the used softtoken or can be accomplished by using a second (offline) profile
Updated by The 2nd over 9 years ago
- % Done changed from 30 to 60
- basic offline support working
- current implementation needs a static part in the password/OTP that is used to encrypt the token config
Actions