[squid-users] One Time Password with squid, exists?
Eliezer Croitoru
eliezer at ngtech.co.il
Thu Mar 12 01:50:32 UTC 2015
Hey List,
I was wondering about if OTP was ever implemented officially with squid?
I have seen that most OTP works with some kind of third party system
such as a radius server.
I had in mind a simple setup with a mysql backend and a php\cgi\other
frontend that will create a one time password for the user which will be
valid for some period of time\window.
The options for authentication are:
- basic (via db)
- digest
For me the most simple setup with a basic authentication would be the
most simple to implement but digest I cannot yet understand so I cannot
really create a fully blown system for that.
If the list users can help me to compose the sketch for the idea I will
might be able to implement a basic OTP idea with a mysql DB.
What one time password authentication should contain?
How long should a password be usable?
What would invalidate the password?
How many wrong passwords should be considered a cracking trial?
If you have more ideas about the subject I would be happy to see them here.
Thanks In Advance,
Eliezer Croitoru
More information about the squid-users
mailing list