One Time Passwords

Michael kolab983 at der-he.de
Wed Oct 27 15:15:16 CEST 2010


Hi,

I wonder if there's some way to have One Time Passwords for remote sign on to Kolab.

Background: I'm using Kolab with Horde and Squirrelmail (I think it's much more comfortable for simple javascript-less email purposes) at my private Kolab Server. With my own PCs there's no Problem with logging in the common way: Username/Email+Password.
But Horde and Squirrelmail are usable from any point at the World, as long as there's a Browser and a TCP/IP-Route to my Server. But I do not trust any other PCs where I'm not the Admin. So I would like to use One Time Passwords (Einmalkennwörter/Einmalpasswörter) for those purposes. This could be a simple list of TANs (Transaction authentication numbers or Passwords) or some complex password generator app. Doesn't matter. As long as there's no way for password replay attacks.

It seems Cyrus SASL supports OTP, is this compatible with the way kolab stores login information? OpenLDAP?

Is there anyone using Kolab in such a manner? I don't know where to start.


Regards
Michael




More information about the users mailing list