[
https://issues.apache.org/jira/browse/GUACAMOLE-272?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16038896#comment-16038896
]
Nick Couchman commented on GUACAMOLE-272:
-----------------------------------------
So, my gut feeling here is that we could do a native 2FA authentication system,
but I'd suggest *not* an e-mail- (or SMS-) based one. I would be more tempted
to go with something like Google Authenticator with a rotating token. If you
really want to do 2FA with e-mail or SMS, there's a RADIUS extension that
should be available, soon, and you can use that plus RADIUS plus your favorite
OTP implementation (LinOTP, OpenOTP) to do the e-mail or SMS-based
authentication.
There are a couple of Java libraries available for generating OTPs, we would
just need to figure out the best place to implement it (bolt on to JDBC
modules, separate module, etc.) and do the work. If you have any experience
coding Java and want to jump in and help, we welcome the contributions!
> Alternative to Duo
> ------------------
>
> Key: GUACAMOLE-272
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-272
> Project: Guacamole
> Issue Type: Improvement
> Reporter: Chris Wheeler
>
> I love the fact that you support 2 factor authentication, but I am
> disappointed it costs money when you have more than 10 users. I would like to
> propose that you implement a simple native 2FA option. All you would need to
> do is add a configurable email field for each user, and configurable SMTP
> settings. When the user logs in, it would prompt for a pin, then send that
> pin to their email address.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
