Perhaps you may want delivering PIN to user's cellular over SMS. Anyway Freeradius seems not to be enough, at least you would need some external database and web server - both for creating and storing PINs. I did the task using FR, Apache and MySql. As I see, my concept is quite similar to Nick's one.
Regards, Rudolf. -----Original Message----- From: freeradius-users-bounces+rudolf.susnik=telekom...@lists.freeradius.org [mailto:freeradius-users-bounces+rudolf.susnik=telekom...@lists.freeradius.org] On Behalf Of Nick Owen Sent: Tuesday, December 13, 2011 6:58 PM To: FreeRadius users mailing list Subject: Re: Freeradius as a PIN server? On Tue, Dec 13, 2011 at 11:07 AM, Peter Moreton <peter.more...@cbi.org.uk> wrote: > Sorry for the newbie question, but, quite simply, could Freeradius be > configured to provide a simple 'PIN Server' ? - I want users to be > able to choose a 4 digit PIN, and then have Freeradius validate Logon > requests using the username/PIN combination (in addition to some > separate LDAP > authentication) > > > > Really, I am looking to build a lightweight 2-factor authentication > system, without the expense of RSA SecurID or similar. I'm afraid knowledge of a PIN and knowledge of a password is not two-factor authentication, it is just more of a one-factor authentication. Feel free to use our open-source two-factor authentication system: http://www.wikidsystems.com/community-version. If someone wants to contribute a freeradius rlm module using one of our api packages, we would greatly appreciate it: http://www.wikidsystems.com/downloads/network-clients Nick -- -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html