Page 1 of 1

Improve security

Posted: Wed Dec 12, 2018 1:15 pm
by xorinzor

I installed a OpenVPN Access Server today and am absolutely thrilled that it supports Two-Factor authentication.
The only thing I found during testing is that it will, while connecting to the VPN, check the password first, and the authenticator code second.

It'd be much more secure if it would check the code first, and the password second. This way, people (crooks) who will try to guess your password, will need to get the correct code first. Which, because it continually changes, is much harder, and thus way more secure.

Is this something I can configure myself? Or is this something that the OpenVPN team has to hard-code into the server?

EDIT: It would be great if the same concept could be applied to the Client Web-UI login page.


Re: Improve security

Posted: Sun Jan 06, 2019 2:55 pm
by xorinzor
bump, no reply?

Re: Improve security

Posted: Mon Feb 18, 2019 7:03 pm
by xorinzor
Over 2 months later and still nothing. Wow.
Is this forum even used? Does the openVPN team even look here for new features or improvements?

This doesn't really fill me with much confidence to be honest.