On Thu, 22 Dec 2022 at 14:01, seba.wag...@gmail.com <seba.wag...@gmail.com> wrote:
> Sry I did not have enough time. But it would be a good feature to add. > > Also a good message we can share around enhancing OpenMeetings security. > Relevant for many education/public environments. > I agree :)) Will update JIRA/demo-next when will have something working :) > > Thx > Seb > > Sebastian Wagner > Director Arrakeen Solutions, OM-Hosting.com > http://arrakeen-solutions.co.nz/ > https://om-hosting.com - Cloud & Server Hosting for HTML5 > Video-Conferencing OpenMeetings > > <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> > <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> > > > On Thu, 22 Dec 2022 at 18:37, Maxim Solodovnik <solomax...@gmail.com> > wrote: > >> https://issues.apache.org/jira/browse/OPENMEETINGS-2755 >> >> will try to implement it :) >> >> On Wed, 3 Aug 2022 at 13:45, Ali Alhaidary <ali.alhaid...@the5stars.org> >> wrote: >> >>> +1 >>> >>> Yes, why not... >>> >>> Ali >>> On 8/3/22 8:34 AM, Maxim Solodovnik wrote: >>> >>> we already have BSD 3-clause: >>> https://github.com/apache/openmeetings/blob/master/LICENSE#L2479 >>> will need to add one line only :) >>> >>> On Wed, 3 Aug 2022 at 12:25, seba.wag...@gmail.com < >>> seba.wag...@gmail.com> wrote: >>> >>>> There seem to be a few options for Google using Java >>>> E.g. https://github.com/wstrange/GoogleAuth >>>> >>>> I don't quite see in that lib how it generates the QR code for scanning >>>> but there should be a way :) >>>> >>>> The BSD license would require us to add a copy left into our License >>>> file, but in general it would be compatible imho. >>>> >>>> Thanks >>>> Seb >>>> >>>> Sebastian Wagner >>>> Director Arrakeen Solutions, OM-Hosting.com >>>> http://arrakeen-solutions.co.nz/ >>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>> Video-Conferencing OpenMeetings >>>> >>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>> >>>> >>>> On Wed, 3 Aug 2022 at 16:12, Maxim Solodovnik <solomax...@gmail.com> >>>> wrote: >>>> >>>>> Hello Seb, >>>>> >>>>> Sorry for a late response, I'm on vacation :) >>>>> >>>>> I would >>>>> +1 this feature :) >>>>> >>>>> The problems we'll need to solve >>>>> - add 2fa mechanisms other than email (not sure if apps like "Google >>>>> authenticator" has open source API :(, we can use telegram API ....) >>>>> - we'll need to move this out of om_user db table (maybe with >>>>> activation_hash and *reset-password-hash* >>>>> >>>>> Need to be investigated and carefully refactored :) >>>>> >>>>> from mobile (sorry for typos ;) >>>>> >>>>> >>>>> On Wed, Aug 3, 2022, 10:15 seba.wag...@gmail.com < >>>>> seba.wag...@gmail.com> wrote: >>>>> >>>>>> Not many pros or cons in this discussion. >>>>>> >>>>>> But I think it would be a good option to have available for users. As >>>>>> well as a good feature to advertise for. Especially in order to use >>>>>> OpenMeetings in a Gov/Education environment where compliance may require >>>>>> to >>>>>> have 2 factor auth for applications in order for using it. >>>>>> >>>>>> So I assume I can create some tickets and get this on the way. >>>>>> >>>>>> Thanks >>>>>> Seb >>>>>> >>>>>> >>>>>> >>>>>> Sebastian Wagner >>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>> http://arrakeen-solutions.co.nz/ >>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>> Video-Conferencing OpenMeetings >>>>>> >>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>> >>>>>> >>>>>> On Mon, 1 Aug 2022 at 09:31, seba.wag...@gmail.com < >>>>>> seba.wag...@gmail.com> wrote: >>>>>> >>>>>>> I would like to add a ticket to investigate and look into adding 2 >>>>>>> factor authentication to OpenMeetings. As an optional feature, default >>>>>>> would be turned off. >>>>>>> >>>>>>> There are various libraries to achieve 2 factor auth. I would >>>>>>> probably prefer using the Google Authenticator as a method since it >>>>>>> seems >>>>>>> the most widely adopted authenticator. >>>>>>> >>>>>>> In terms of turning it on/off I would add 2 flags: >>>>>>> - On a per server basis a flag to generally turn 2 factor auth on >>>>>>> or off >>>>>>> - On a per individual account basis so you can turn 2 factor >>>>>>> auth on/off for an individual user >>>>>>> >>>>>>> This would not affect past installations. >>>>>>> This would not affect logging in via Soap/Rest. >>>>>>> >>>>>>> I think this would be a good feature to improve security. >>>>>>> >>>>>>> Let me know what you think, and I will add a ticket and look into >>>>>>> adding this over the next few weeks. >>>>>>> >>>>>>> Thanks >>>>>>> Seb >>>>>>> >>>>>>> Sebastian Wagner >>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>> Video-Conferencing OpenMeetings >>>>>>> >>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>> >>>>>> >>> >>> -- >>> Best regards, >>> Maxim >>> >>> >> >> -- >> Best regards, >> Maxim >> > -- Best regards, Maxim
