[Tickets #11076] Re: One Time Password Module Implementation - request for comment
bugs at horde.org
bugs at horde.org
Thu Mar 22 17:00:28 UTC 2012
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/11076
------------------------------------------------------------------------------
Ticket | 11076
Updated By | Jan Schneider <jan at horde.org>
Summary | One Time Password Module Implementation - request for
| comment
Queue | Horde Framework Packages
Version | Git develop
Type | Enhancement
-State | New
+State | Feedback
Priority | 1. Low
Milestone |
Patch | 1
Owners |
------------------------------------------------------------------------------
Jan Schneider <jan at horde.org> (2012-03-22 18:00) wrote:
- The driver should probably be called Horde_Auth_HashChain, because
this is just one possible implementation of OTP authentication and
Horde_Auth_Otp is too generic.
- You should use the existing user_pass field.
- It's okay to add an additional field for the chain index to the
general user table. It should follow the column nomenclature though
and should be added by a migration script.
- Why is the _reduce_password method necessary? This doesn't make
sense to me. Also, you are using the pwdformat_length parameter, but
it's not documented and you don't set the default value in the
constructor like for the other parameters.
- You should extend the Horde_Auth_Sql class and only overwrite those
methods and properties that are necessary.
- There also some minor style issues that should be tackled in a final
version.
More information about the bugs
mailing list