OpenId is a great system to provide Sngle Sign on across multiple web applications. (check out www.openid.net)
I already had a simple OpenId server set up on my home domain to test it. However, thinking about authentication, I'd prefer to have something where just capturing my user/password wouldn't work. (especially if that then gives you access to ALL my accounts).
The rule to authenticate someone is to check at least one of the following
- something they know (user/pass)
- something they have (physical key, card)
- somehting they are (biometrics)
Checking just one element can lead to problems (theft of object, password stealing etc). Good practice is therefore to use at least 2 of the elements together.
So, I think what I want is to centralise with OpenId, and then enter a password but on a separate physical object that I always have with me.... my phone!
By changing my OpenId server, it will send an SMS to my phone requesting authentication. The reply to the SMS must be the valid password (stored on my OpenId server).
Hence, the only way to authenticate is to have both the password AND my physical phone! And to disable my logins (in case of losing my phone for instance), I just need to reconfigure the phone number in the server.
To make the phone experience even better, I can use onX to detect a magic word in the requesting SMS (OpenId for example) and popup a notification dialog to request the password, and automatically send the response.
Well, thats the plan anyway....
And in phase 2, add a biometric validation (face recognitiion?) to the phone app! (TODO...)
mercredi 10 avril 2013
More onX and SMS
Our nagios monitoring system sends SMS for serious alarms to the mobile phone of the person who's on astreinte. If they don"t acknowledge, it escalates by sending them to me....
However, on the S3, I find the standard SMS notification sounds are emenently missable...
No problem using onX (see earily posts), I get event for reception of SMS, check for the magic phrase (Alarm), and use a blocking popup notification with 'yes/no' buttons to force me to notice the problem, and allow easy acknowledgement without any other manipulation!
so cool....
However, on the S3, I find the standard SMS notification sounds are emenently missable...
No problem using onX (see earily posts), I get event for reception of SMS, check for the magic phrase (Alarm), and use a blocking popup notification with 'yes/no' buttons to force me to notice the problem, and allow easy acknowledgement without any other manipulation!
so cool....
Fun with magnets
Got fed up losng my phone under stuff on my desk, so I wanted to be able to have it attached somehow to a vertical surface...
I thought of using a car grabber thing, but then I thought of magnets....
Ordered a bundle of super string doughnut magnets from Amazon. Glued 4 to a spare phone back that I had for my Galaxy S3. et voila, my phone sticks to any metal surface - Fridge, metal plate, etc...
At work I have a metal plate intended for use with magnets to hold papers : I inclined it at about 70deg and it holds my phone up out of the mess and visible at all times...
I'd take a photo, but I'd need my phone for that...
So, I still had some magnets left.... and when we got a new micro video projector at work, it didn't have a way to mount it onto a tripod (to hold it up off the desk to be able to project on the wall easily).... solution: a metal plate (a server 19" rack mounting ear...) attached to the tripod screw, and 4 magnets glued to the bottom of the VP...
Holds it perfectly, and allows easy manipulation!
Now I'm thinking that it should be possible to make my own 'magsafe' type power connector with these things...
I thought of using a car grabber thing, but then I thought of magnets....
Ordered a bundle of super string doughnut magnets from Amazon. Glued 4 to a spare phone back that I had for my Galaxy S3. et voila, my phone sticks to any metal surface - Fridge, metal plate, etc...
At work I have a metal plate intended for use with magnets to hold papers : I inclined it at about 70deg and it holds my phone up out of the mess and visible at all times...
I'd take a photo, but I'd need my phone for that...
So, I still had some magnets left.... and when we got a new micro video projector at work, it didn't have a way to mount it onto a tripod (to hold it up off the desk to be able to project on the wall easily).... solution: a metal plate (a server 19" rack mounting ear...) attached to the tripod screw, and 4 magnets glued to the bottom of the VP...
Holds it perfectly, and allows easy manipulation!
Now I'm thinking that it should be possible to make my own 'magsafe' type power connector with these things...
Inscription à :
Articles (Atom)