Comments on: Add-in: TwoFactor WHS http://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/ The web's biggest home server and digital home community, with the latest news, reviews, hardware, software, add-ins and support forums. Thu, 09 Feb 2012 06:38:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: gmurrayhttp://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/comment-page-/#comment-6886 gmurray Thu, 28 May 2009 20:47:07 +0000 http://www.wegotserved.com/?p=11026#comment-6886 I really actually quite like my yubikey though, and its very inexpensive comparatively (although not compared to paper), so I would encourage people to look at them if they havent before. I really actually quite like my yubikey though, and its very inexpensive comparatively (although not compared to paper), so I would encourage people to look at them if they havent before.

]]> By: gmurrayhttp://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/comment-page-/#comment-6885 gmurray Thu, 28 May 2009 20:45:52 +0000 http://www.wegotserved.com/?p=11026#comment-6885 Yeah, I'm looking into integrating with a PPP solution, and maybe some phone based software tokens. I'm investigating different PPP implementations when I have time. Yeah, I'm looking into integrating with a PPP solution, and maybe some phone based software tokens. I'm investigating different PPP implementations when I have time.

]]> By: Hankhttp://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/comment-page-1/#comment-6884 Hank Thu, 28 May 2009 03:42:20 +0000 http://www.wegotserved.com/?p=11026#comment-6884 How cool would this be if it also could use grc.com's Perfect Paper Passwords?Also, cheaper. :PAnyway, this looks like a great solution, gmurray. How cool would this be if it also could use grc.com’s Perfect Paper Passwords?

Also, cheaper. :P

Anyway, this looks like a great solution, gmurray.

]]> By: gmurrayhttp://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/comment-page-/#comment-6883 gmurray Wed, 27 May 2009 00:49:48 +0000 http://www.wegotserved.com/?p=11026#comment-6883 Plus on the vpn server front, if you are installing that kind of software on your whs arent you risking running afoul of the WHS abstraction? I like everything I put on my whs to be plugin based, and specifically tested against the WHS variant of 2003, so as to not risk fouling up my WHS's state.As far as encryption goes, you are already getting this if you are using the https website for your WHS (as you should be). WHS remote access is pretty much designed to be VPN lite, so using an actual vpn tunnel seems like the overkill to me. That being said, if I'm accessing whs from a public or semi-trusted terminal, I want a stronger authentication model than just a password (hence this add-in).This may seem like overkill to most, but I think internet users need to get serious about strong authentication or we will never kiss attacks like phishing or key-logging good bye. Plus on the vpn server front, if you are installing that kind of software on your whs arent you risking running afoul of the WHS abstraction? I like everything I put on my whs to be plugin based, and specifically tested against the WHS variant of 2003, so as to not risk fouling up my WHS's state.

As far as encryption goes, you are already getting this if you are using the https website for your WHS (as you should be). WHS remote access is pretty much designed to be VPN lite, so using an actual vpn tunnel seems like the overkill to me. That being said, if I'm accessing whs from a public or semi-trusted terminal, I want a stronger authentication model than just a password (hence this add-in).

This may seem like overkill to most, but I think internet users need to get serious about strong authentication or we will never kiss attacks like phishing or key-logging good bye.

]]> By: gmurrayhttp://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/comment-page-/#comment-6882 gmurray Wed, 27 May 2009 00:49:15 +0000 http://www.wegotserved.com/?p=11026#comment-6882 VPN has additional infrastructure requirements, a client on the client, a server on the server. This solution allows you to access your content from a public terminal if need be, and doesnt require you to install any vpn server or client software. In fact, the reason why I put this together was so that I could feel comfortable accessing my home server from public or semi-trusted terminals. VPN has additional infrastructure requirements, a client on the client, a server on the server. This solution allows you to access your content from a public terminal if need be, and doesnt require you to install any vpn server or client software. In fact, the reason why I put this together was so that I could feel comfortable accessing my home server from public or semi-trusted terminals.

]]> By: soaklordhttp://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/comment-page-1/#comment-6881 soaklord Tue, 26 May 2009 19:18:01 +0000 http://www.wegotserved.com/?p=11026#comment-6881 Am I missing something? Wouldn't you get even tighter security by just setting up a VPN? that way you would browse if local and even the traffic would be secure, not just the log in. Am I missing something? Wouldn't you get even tighter security by just setting up a VPN? that way you would browse if local and even the traffic would be secure, not just the log in.

]]> By: mfmjoshttp://www.wegotserved.com/2009/05/25/add-in-twofactor-whs/comment-page-1/#comment-6880 mfmjos Tue, 26 May 2009 12:23:20 +0000 http://www.wegotserved.com/?p=11026#comment-6880 For $25 per Yubico key I love the idea for my personal WHS! For $25 per Yubico key I love the idea for my personal WHS!

]]>