Hi,
I installed a OpenVPN Access Server today and am absolutely thrilled that it supports Two-Factor authentication.
The only thing I found during testing is that it will, while connecting to the VPN, check the password first, and the authenticator code second.
It'd be much more secure if it would check the code first, and the password second. This way, people (crooks) who will try to guess your password, will need to get the correct code first. Which, because it continually changes, is much harder, and thus way more secure.
Is this something I can configure myself? Or is this something that the OpenVPN team has to hard-code into the server?
EDIT: It would be great if the same concept could be applied to the Client Web-UI login page.
Regards,
Jorin
Improve security
-
xorinzor
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Dec 07, 2018 3:28 pm
Re: Improve security
bump, no reply?
-
xorinzor
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Dec 07, 2018 3:28 pm
Re: Improve security
Over 2 months later and still nothing. Wow.
Is this forum even used? Does the openVPN team even look here for new features or improvements?
This doesn't really fill me with much confidence to be honest.
Is this forum even used? Does the openVPN team even look here for new features or improvements?
This doesn't really fill me with much confidence to be honest.