Thursday, April 28, 2011

Re: Double security login system

There is some discussion of two-factor auth systems in Django over at
StackOverflow [1]. One of the answers links to an example app that
implements two-factor auth [2], which sounds pretty close to what you
are looking for (although you would need to replace their second
factor with one of your own choosing, e.g. Cisco tokens or an SMS).

I have been thinking about building a reusable two-factor auth app for
Django which supports Google Authenticator [3] and ties in with
contrib.auth, which would let your phone act as the second factor
without requiring SMS.

[1] http://stackoverflow.com/questions/5096924/implementing-a-secure-two-factor-authentication-for-a-login-page-with-django-form

[2] https://github.com/duosecurity/duo_web/tree/master/demos/django

[3] http://www.google.com/support/a/bin/answer.py?answer=1037451

On Apr 27, 4:28 pm, "mendes.rich...@gmail.com" <mendes...@gmail.com>
wrote:
> Dear Django developers,
>
> Recently we've been asked to start a medical project with the highest
> security level system and login wise.
> This means we have to work with a double login system either managed
> via cisco tokens or sms codes send
> to the owners phone.
>
> After some searching around i found the django sms module which can be
> used, but am wondering if someone else
> has experienced some projects like this and can give me some pointers
> in set-up, possible interesting modules and
> pitfalls to look out for.
>
> any help would be greatly appreciated,
>
> best regards,
>
> Richard Mendes

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

No comments:

Post a Comment