[Freeipa-devel] [PATCH 0062] Use delete/add for OTP counter/watermark updates

Simo Sorce ssorce at redhat.com
Fri Aug 29 12:59:31 UTC 2014


On Thu, 2014-08-28 at 22:54 -0400, Nathaniel McCallum wrote:
> This prevents any local attempt at rapid token code replay. If two
> token codes hit the system at roughly the same moment, only the
> first write will succeed. All subsequent authentications will fail.
> 
> This obviates the need for an OTP authentication lock.
> 
> https://fedorahosted.org/freeipa/ticket/4493

LGTM.
Simo.
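
The compare-and-swap behaviour the quoted commit message relies on, as an added example that is not part of the original thread or of FreeIPA's code: an in-memory model of one token entry whose `modify()` is applied atomically, comparing a blind replace with a delete-old/add-new update when the same token code arrives twice at once. The class, the attribute name `counter` and the starting value are constructed for illustration.

```python
import threading
from concurrent.futures import ThreadPoolExecutor

class NoSuchAttribute(Exception):
    """LDAP result code 16: a delete named a value the entry does not hold."""

class TokenEntry:
    """Constructed stand-in for one token entry; modify() is atomic, as in LDAP."""
    def __init__(self, counter):
        self.values = {"counter": {str(counter)}}  # "counter" is a hypothetical attribute
        self._lock = threading.Lock()

    def read(self, attr):
        return next(iter(self.values[attr]))       # values is swapped whole, never mutated

    def modify(self, mods):
        with self._lock:
            staged = {a: set(v) for a, v in self.values.items()}
            for op, attr, value in mods:
                if op == "replace":
                    staged[attr] = {value}
                elif op == "add":
                    staged.setdefault(attr, set()).add(value)
                elif value in staged.get(attr, ()):  # delete of a value that is present
                    staged[attr].remove(value)
                else:                                # delete of a stale value
                    raise NoSuchAttribute(attr)
            self.values = staged                     # all-or-nothing commit

def authenticate(entry, both_read, use_delete_add):
    old = entry.read("counter")      # the token code is validated against this value
    both_read.wait(timeout=5)        # force the race: both requests read before any write
    new = str(int(old) + 1)
    mods = ([("delete", "counter", old), ("add", "counter", new)]
            if use_delete_add else [("replace", "counter", new)])
    try:
        entry.modify(mods)
        return True
    except NoSuchAttribute:
        return False                 # another request already consumed this code

def replay_same_code(use_delete_add):
    """Submit one token code twice at once; return (accepted count, final counter)."""
    entry, both_read = TokenEntry(41), threading.Barrier(2)
    with ThreadPoolExecutor(max_workers=2) as pool:
        futures = [pool.submit(authenticate, entry, both_read, use_delete_add)
                   for _ in range(2)]
    return sum(f.result() for f in futures), entry.read("counter")
```

`replay_same_code(False)` returns `(2, "42")`, meaning both requests were accepted, while `replay_same_code(True)` returns `(1, "42")` because the second delete names a value that is no longer there.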



