Educause Security Discussion mailing list archives
Re: SecurID query
From: Greg Vickers <g.vickers () QUT EDU AU>
Date: Wed, 1 Apr 2009 13:50:05 +1000
Hi David, LaPorte, David wrote:
We've done something very similar using SecurID (without PIN) and existing LDAP credentials using Radiator. I'd be happy to talk nuts and bolts off-list if you'd like.
Ah, excellent! Forgot to mention, that we are migrating away from an ancient Radiator server to FreeRADIUS, which is why we want to leverage FreeRADIUS - doh. Thanks, Greg
Greg Vickers wrote:Hi all, Spurred by Jeff Murphy's inquiry about 2FA (two factor authentication) OTP systems, I have a query: We are looking at SecurID, but don't like how it doesn't integrate with an *existing* password system. We are trying to leverage our existing account credentials along with SecurID: i.e. use our existing LDAP username/password credentials as well as the SecurID tokencode - not passcode - for authentication *at the one point* on our network. This way we leverage our existing authentication credentials and mechanism without asking users to remember a second password (PIN part of the passcode). We know how to do this with FreeRADIUS, but haven't actually got the resource to write the script for FreeRAIDUS. If you have implemented SecurID in this way or similar, please let me know! Thanks,
-- Greg Vickers Phone: +61 7 3138 6902 IT Security Engineer & Project Manager Queensland University of Technology, CRICOS No. 00213J
Current thread:
- SecurID query Greg Vickers (Mar 31)
- <Possible follow-ups>
- Re: SecurID query Greg Vickers (Mar 31)