AW: Re: Re: Bypass OTP on authentication

cornelinux · February 3, 2017, 4:17pm

Great.Can you tell: is there a certain spot where we need to improve the documentation?Kind regards Cornelius

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797-------- Ursprüngliche Nachricht --------Von: Raoul Thill raoul.thill@gmail.com Datum: 03.02.17 16:56 (GMT+01:00) An: “cornelius.koelbel” <@cornelinux> Betreff: Re: [privacyidea] Re: Bypass OTP on authentication
Wow, great Friday afternoon, that worked immediately!
Thanks for this great idea to use the spass token.
Raoul

On Fri, Feb 3, 2017 at 4:37 PM, cornelius.koelbel <@cornelinux> wrote:
You could assign a 2nd spass token an use the token types in the authorization policy with IP addresses.
Kind regardsCornelius

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797

-------- Ursprüngliche Nachricht --------Von: Raoul raoul.thill@gmail.com Datum: 03.02.17 15:51 (GMT+01:00) An: privacyidea privacyidea@googlegroups.com Betreff: [privacyidea] Re: Bypass OTP on authentication
Yes, I can imagine and checked also probably only half of it as I couldn’t think a good combination together.By bypassing I mean to not ask for the OTP token even the user has an assigned token when he is connecting from a specific source ip.
Regards

On Thursday, February 2, 2017 at 11:13:53 AM UTC+1, Cornelius Kölbel wrote:There are myriads of scenarios and workflows.Yes.It depends how you understand “bypass”.

Am Mittwoch, 1. Februar 2017 17:27:23 UTC+1 schrieb Raoul:Hi,
per default I want my users to connect using their password + OTP which is configured in a policy. For my monitoring application I could successfully bypass the required OTP by creating a new user without assigned token.Is it also possible to create a policy for users with token to bypass OTP?
Thanks,Raoul

–

Please read the blog post about getting help

https://www.privacyidea.org/getting-help/.

For professional services and consultancy regarding two factor authentication please visit

https://netknights.it/en/leistungen/one-time-services/

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT which suites your needs for SECURITY, AVAILABILITY and LIABILITY:

https://netknights.it/en/leistungen/service-level-agreements/

You received this message because you are subscribed to a topic in the Google Groups “privacyidea” group.

To unsubscribe from this topic, visit https://groups.google.com/d/topic/privacyidea/JJwYnU1G5e4/unsubscribe.

To unsubscribe from this group and all its topics, send an email to privacyidea+unsubscribe@googlegroups.com.

To post to this group, send email to privacyidea@googlegroups.com.

Visit this group at https://groups.google.com/group/privacyidea.

To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/90e0e792-4c12-4704-8fdf-7ef3eedc3f08%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.