On 13/06/2011 7:13pm, nudzo wrote:
http://www.duosecurity.com/ You could use SMS, but they have application for merely any kind of phone to act as 2 factor auth device. Check their python libraries on github and there are integration Django examples.
Ivan I saw a stackoverflow discussion on this and it looks interesting ... http://stackoverflow.com/questions/5096924/implementing-a-secure-two-factor-authentication-for-a-login-page-with-django-form Thanks Mike
I. On Jun 13, 7:36 am, Mike Dewhirst<[email protected]> wrote:I need a choice of login mechanisms ... - Standard django-auth for some users - SMS a one time password for other users Would you think the following is the way to go? The user interface seems clunky to me. Any feedback will be greatly appreciated. 1. Enter the userid and optional password and submit (if it is standard django-auth user then process as normal) 2. If the userid is recognised as a one-time-password user ... if the password is absent or incorrect return a different error message saying to check the cellphone for a new password and try again. 2.1 Get output from a random password generator 2.2 Change the django-auth password and send it via SMS 3. If the userid is recognised as a one-time-password user ... if the password is correct then authenticate the user and change the password yet again so it is guaranteed incorrect for the next login. Thanks Mike
-- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
