(SOLVED) Two factor authentication for ADM

[meetyg]

Hello.
I really like Asustors products in general, and specifically my AS1002T.
I think that two factor authentication is a must these days for any NAS product.
This feature allready exists in the competitor's products, and if Asustor respects itself and its customers, I think that this is a must.
It shouldn't be that hard to implement, as there are allready existing PHP libraries to do this (for ADM web), such as multiOTP, and Linux PAM modules (for SSH).
There are also convenient Android and iOS apps to help generate the OTP (like FreeOTP from Redhat).

Of course the owner of the NAS should choose if he wants to enable this or not.

Thanks in advance. I'm looking forward to a serious response from Asustor.

[fritzboxuser]

+1 for otp passwords

my hope is RFC 6238

https://en.wikipedia.org/wiki/Time-base ... _Algorithm

[Shawn.S@AST]

Hi meetyg and fritzboxuser,

Thanks for your kind feedback!!!

Yes, we are already developing 2 step authentication and we hope to provide it asap!!!

[MikeG.6.5]

Shawn,

Please make this OPTIONAL and NOT required. It certainly doesn't need to be required for a vast majority of home users and is going to create a lot more work support it, both on the forums and in tickets.

[Kapitein Haak]

Hello MikeG6.5,

From what I've seen from the Azure 2-factor authentication, it is really easy to use and setup. I suppose 2-factor from the google api is a viable option as well. Hopefully it is adjustable for LAN / WAN ip addressen (I trust my local network ) and per account an option to turn it on / off.

Best regards,
Kapitein Haak.