guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Suncatcher16 <>
Subject OpenID Connect authentication in 0.9.14 and 2FA
Date Sun, 13 May 2018 11:35:08 GMT
New release brought us the new cool authentication protocol OpenID Connect,
but also new question I am going to touch.
What is the most efficient (not redundant) strategy of authentication now?
OpenID Connect allows connecting with Google/Facebook/ accounts,
which, in turn provide 2FA ability. So is there any sense in combining Duo +
OpenID authentication methods? Isn't double 2FA redundant here?
The same question can be asked about DB-authentication: can we get rid of it
in favor of OpenID?
What is the most efficient scheme:
1. OpenID
2. OpenID + DB
3. OpenID + Duo
4. OpenID + Duo + DB

Some elements seem redundant to me, no?

We are not speaking here about the environments where OpenID is inaccessible
(corporate stuff) but considering the case of pure security where all
authentication methods are available.

Sent from:

View raw message