Re: Free MFA for IBM i -- MIDRANGE-L

Subject: Re: Free MFA for IBM i
From: cesco <emaxt6@xxxxxxxxx>
Date: Tue, 8 Apr 2025 16:29:47 +0000 (UTC)
List-archive: <https://archive.midrange.com/midrange-l/>
List-post: <mailto:midrange-l@lists.midrange.com>
List-subscribe: <https://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@lists.midrange.com?subject=subscribe>
List-unsubscribe: <https://lists.midrange.com/mailman/options/midrange-l>, <mailto:midrange-l-request@lists.midrange.com?subject=unsubscribe>

TOTP devices and just pass it around. But what if

TOTP is only dependent from a stored password seed (that you control) and time.

So you can have say 5 different hardware tokens distributed to restricted group of tech, all programmed to the same seed if they need to use the same important userid in the system (so it will produce the same number pattern). Basically, you clone them if needed with the same seed.

p.s. of course you can emulate it easily with software TOTP, there are quick command lines around, not advisable of course because it will obviously require to paste the original password around invalidating a little the overall benefits of MFA... but being the seed base32 usually you can print it on paper if one so desire...

As an Amazon Associate we earn from qualifying purchases.

Follow-Ups:

Re: Free MFA for IBM i , Rob Berendt

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.