nobody40
asked on
FTP program that needs pin to access
Looking for a programs so clients can access just their files that e-mails them a new pin each time they try to access it. So they enter their e-mail and password then the program e-mails them a new pin that they have to enter to access.
Thanks
Thanks
nothing out of the box will do this.. you will have to roll your own.
ASKER
Crap...I'm not a programmer so I may be screwed. :(
A bit of an odd request. Are you trying to do two factor authentication for some sort of compliance?
ASKER
Yes for a legal client.
Citrix Sharefile is probably what you're looking for.
ASKER
My client uses this site: https://www.tlo.com/ and they have it in place so he wants it.
How access to files is made?
ASKER
Yes we need an FTP program, that we host, that has the two stage verification.
My guess is Tlo.com is using it for their website's "user login"
This would be much easier to implement for http (web authentication) than I suspect it will be for FTP
Just my opinion though
This would be much easier to implement for http (web authentication) than I suspect it will be for FTP
Just my opinion though
SmartFTP and Serv-U are two products that support two factor if you use SFTP.
You could also try to make use of OpenOTP and integrate it, but I figure somehow that above options would be easier.
You could also try to make use of OpenOTP and integrate it, but I figure somehow that above options would be easier.
I dont see how one could keep user partially authenticated until he receives mail.
https://tools.ietf.org/html/rfc2821#section-4.5.4.1
Can you share formal requirement?
What you describe is OTP (implemented in least secure way possible) keys generated by server software.
Look at e.g. goole or battle.net authenticators for examples of OTP
https://tools.ietf.org/html/rfc2821#section-4.5.4.1
Can you share formal requirement?
What you describe is OTP (implemented in least secure way possible) keys generated by server software.
Look at e.g. goole or battle.net authenticators for examples of OTP
Wait....
When you say "FTP" are you looking to use this for traditional FTP (FTP client reqired)?
OR
file uploads from a webpage? (Like uploading a picture on facebook)?
When you say "FTP" are you looking to use this for traditional FTP (FTP client reqired)?
OR
file uploads from a webpage? (Like uploading a picture on facebook)?
It seems to me that *email* isn't a particularly good way to meet the objective.
But then, I'm no expert on this.....
Perhaps others will comment.
But then, I'm no expert on this.....
Perhaps others will comment.
[It seems to me that *email* isn't a particularly good way to meet the objective]
I'd be more concerned if the emailed password was permanent
The password here appear to be single use, sent to the users email address
(I'm assuming on file) once used it's (again I'm assuming) deleted until a new password is generated on the next login
I'd be more concerned if the emailed password was permanent
The password here appear to be single use, sent to the users email address
(I'm assuming on file) once used it's (again I'm assuming) deleted until a new password is generated on the next login
I think the issue is the *state* of the login while awaiting email to arrive.
That seems an awkward implementation.
That seems an awkward implementation.
Agreed, but that would depend on if the term "FTP" is being used correctly by the OP
If these are HTTP events then after account authentication, the user would simply be at a screen prompting for a "PIN" before he/she could continue
I see this being much easier to implement with HTTP "FTP/SFTP"
If these are HTTP events then after account authentication, the user would simply be at a screen prompting for a "PIN" before he/she could continue
I see this being much easier to implement with HTTP "FTP/SFTP"
ASKER
Setting this up so clients can log in and view their surveillance videos and download them. Passwords would be changed every 30 days. So that site I listed has it so when you key in your user name and password it then asks for a pin that changes each time you log in....they e-mail or text you the pin each time.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.