Improve security

Post your feature requests for OpenVPN Access Server here.
Post Reply
xorinzor
OpenVpn Newbie
Posts: 4
Joined: Fri Dec 07, 2018 3:28 pm

Improve security

Post by xorinzor » Wed Dec 12, 2018 1:15 pm

Hi,

I installed a OpenVPN Access Server today and am absolutely thrilled that it supports Two-Factor authentication.
The only thing I found during testing is that it will, while connecting to the VPN, check the password first, and the authenticator code second.

It'd be much more secure if it would check the code first, and the password second. This way, people (crooks) who will try to guess your password, will need to get the correct code first. Which, because it continually changes, is much harder, and thus way more secure.

Is this something I can configure myself? Or is this something that the OpenVPN team has to hard-code into the server?

EDIT: It would be great if the same concept could be applied to the Client Web-UI login page.

Regards,
Jorin

xorinzor
OpenVpn Newbie
Posts: 4
Joined: Fri Dec 07, 2018 3:28 pm

Re: Improve security

Post by xorinzor » Sun Jan 06, 2019 2:55 pm

bump, no reply?

xorinzor
OpenVpn Newbie
Posts: 4
Joined: Fri Dec 07, 2018 3:28 pm

Re: Improve security

Post by xorinzor » Mon Feb 18, 2019 7:03 pm

Over 2 months later and still nothing. Wow.
Is this forum even used? Does the openVPN team even look here for new features or improvements?

This doesn't really fill me with much confidence to be honest.

Post Reply