ACP Security

[James]

OK, so firstly I expect to be completely shot down here with a bunch of "this is useless" comments, but hey:

What if, in conjunction with the usual password-based login, there was an added PIN (basically drop-down select menus with 0-9, or just an input box) as an extra precautionary measure. The PIN would only be used in the admincp and you could probably masquerade it by making the pin only appear after you've entered the correct password so that people don't know a pin is required until already having the correct password.

I figure it's a small addition that other forums haven't used that could possibly help secure the ACP a little bit more.

 

[Mike]

If you want to use "two factor authentication" (not using the term correctly, but anyway), wouldn't it make more sense to use a standard htaccess/htpasswd style protection on top of it?

 

[James]

htaccess/htpasswd are systems I've been using for a while and they are definitely useful. I was basically just thinking out loud and wondering what people would think (hence why this isn't in suggestions).

I think PIN-based systems aren't something people expect, and although they're limited, if they're implemented as a stage 2 (after having the correct password), people won't know it's there unless they have the correct password. Using htaccess/htpasswd implementations, people know as soon as going to admin.php that they require this logon information. People don't attain information they don't know they need.

 

[Brandon_R]

htaccess/htpasswd are systems I've been using for a while and they are definitely useful. I was basically just thinking out loud and wondering what people would think (hence why this isn't in suggestions).

I think PIN-based systems aren't something people expect, and although they're limited, if they're implemented as a stage 2 (after having the correct password), people won't know it's there unless they have the correct password. Using htaccess/htpasswd implementations, people know as soon as going to admin.php that they require this logon information. People don't attain information they don't know they need.

Wouldn't they know this feature exists by looking at the feature list on xenForo.com?

 

[James]

I'm not sure feature listings mention a password-based login system... so why mention the PIN system?

Some people may shoot me down for this idea too, but perhaps not letting someone log into the admincp until they're logged in the forum would also help

 

[Enigma]

If you want to use "two factor authentication" (not using the term correctly, but anyway), wouldn't it make more sense to use a standard htaccess/htpasswd style protection on top of it?

Can admin.php be moved to a different directory to easily add basic authentication (htaccess/htpasswd)? I guess you could also roll basic auth by sending the right headers from a XenForo plugin as well.

 

[Mike]

You can just as easily add basic auth to an individual file in a directory. Moving it to another directory is not an option.

 

[Shadab]

Can admin.php be moved to a different directory to easily add basic authentication (htaccess/htpasswd)?

We have the ability to add an extra layer to authentication to it without moving it to a separate directory.
See Floris' post:

http://xenforo.com/community/thread...uth.2129/#post-30838

EDIT: Mike beat me to it.

 

[Dismounted]

Interesting idea. If you had buttons on screen to click the individual numbers, you could "break" keyloggers, in that they can't record the PIN because it isn't a keystroke.

 

[James]

Another benefit Dismounted

If you have this as a second stage it's very hidden away until it's required. No, it may not be 100% efficient and when used in conjunction with .htaccess it provides a third level of protection. Dismounted is correct in saying it could break keyloggers, doesn't that add security in itself?

I imagine it wouldn't be hard to implement this, let's just see what others have to say on the matter