[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] [sr #109259] Ability to use customized prompts

From: anonymous
Subject: [OATH-Toolkit-help] [sr #109259] Ability to use customized prompts
Date: Tue, 14 Feb 2017 13:18:11 -0500 (EST)
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:48.0) Gecko/20100101 Firefox/48.0


                 Summary: Ability to use customized prompts
                 Project: OATH Toolkit
            Submitted by: None
            Submitted on: Tue 14 Feb 2017 06:18:10 PM UTC
                Category: None
                Priority: 5 - Normal
                Severity: 1 - Wish
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
        Operating System: GNU/Linux



While the current prompt ("One-time password (OATH) for ...") is precise it
would be nice to override this prompt with something more generic (such as
"Validation Code:").  

>From a security standpoint this also provides an additional layer of
information hiding.  While not providing any real security, a clean
non-descript prompt does cover up the source of pam_oath.  This also allows
for pam_oath to be dropped in as a replacement for Google Authenticator
without any impact to end users (and the "why's the prompt different?"

Perhaps an additional variable that can be passed to pam_oath.so?


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]