Alternative OpenDuino authentication
Fragment of a discussion from Talk:OpenDuino
If, at first sight, you compare this to the current auth, this method is more secure. So I try to determine what were the conditions to come up with this procedure.
- the user must give his password
- the user has to be at the front door
- ??? I can't think of anything else
So procedure optimized as follows:
ask via authenticated webpage for a code.
that code is sent via sms and is valid 2h
show the code to the webcam (or via IR or bluetooth)
If, at first sight, you compare this to the current auth, this method is more secure. So I try to determine what were the conditions to come up with this procedure.
- the user must give his password
- the user has to be at the front door
- ??? I can't think of anything else
So procedure optimized as follows:
ask via authenticated webpage for a code.
that code is sent via sms and is valid 2h
show the code to the webcam (or via IR or bluetooth)
