![]() ![]() This document was created byman2html,using the manual pages. Index NAME SYNOPSIS DESCRIPTION OPTIONS MODULE TYPE PROVIDED RETURN VALUES EXAMPLES SECURITY NOTES SEE ALSO ![]() ![]() The best open source alternative to Authy is Aegis Authenticator. Multi-Factor Authentication (MFA) 9 of 26 Authy alternatives. The Google Authenticator source code and all documentation may bedownloaded from. Time-based One-time Password FreeOTP+ (fork of FreeOTP) has support for TOTP, a computer algorithm that generates Time-based One-Time Passwords. The provided location may include the following short-hands: B]$/.google_authenticator]# Store secret files in a specific location C]auth required pam_google_authenticator.so ]# Use a specific prompt C]auth required pam_google_authenticator.so noskewadj] #Dont compensate time skew automatically SECURITY NOTESįor highest security, make sure that both password and one-time codeare being requested even if password and/or one-time code areincorrect.This means that I]at least] the first of C]pam_unix.so] (orwhatever other module is used to verify passwords) andC]pam_google_authenticator.so] should be set as B]required],not B]requisite]. Encrypting your secrets is strongly recommended, especially if you are logged into a Google account. Always keep a backup of your secrets in a safe location. Use it to add an extra layer of security to your online accounts. OPTIONS secret=I]file] Specify a non-standard file location for the secret file.īy default, the PAM module looks for the secret file in theC].google_authenticator] file within the home of the userlogging in.This option overrides this location. Authenticator generates two-factor authentication (2FA) codes in your browser. The B]pam_google_authenticator] module is designed to protect userauthentication with a second factor, either time-based (TOTP) orcounter-based (HOTP).Prior logging in, the user will be asked for both its password and aone-time code.Such one-time codes can be generated with the Google Authenticatorapplication, installed on the users Android device.To respectively generate and verify those one-time codes, a secret key(randomly generated) must be shared between the device on whichone-time codes are generated and the system on which this PAM module isenabled.ĭepending on its configuration (see I]options] section), thismodule requires that a secret file is manually set up for each accounton the system.This secret file holds the secret key and user-specific options (seeB]google-authenticator](1)).Unless the B]nullok] option is used, authentication tries will berejected if such secret file doesnt exist.Alternatively, a system administrator may create those secret files onbehalf of the users and then communicates to them the secret keys. Pam_google_authenticator - PAM module for Google two-factorauthentication SYNOPSISī]pam_google_authenticator.so] file]]prompt]] username]] 0nnn]] DESCRIPTION ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |