[Freeipa-devel] [PATCH 0057] Add TOTP watermark support
Alexander Bokovoy
abokovoy at redhat.com
Fri Jul 25 08:24:47 UTC 2014
On Fri, 11 Jul 2014, Nathaniel McCallum wrote:
>This prevents the reuse of TOTP tokens by recording the last token
>interval that was used. This will be replicated as normal. However,
>this patch does not increase the number of writes to the database
>in the standard authentication case. This is because it also
>eliminates an unnecessary write during authentication. Hence, this
>patch should be write-load neutral with the existing code.
>
>Further performance enhancement is desired, but is outside the
>scope of this patch.
>
>https://fedorahosted.org/freeipa/ticket/4410
ACK. I've tested it with successive LDAP binds with TOTP token and only
first attempt to bind was successful with the same TOTP code.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list