f.cuseo
96 Posts
Quote from f.cuseo on June 17, 2025, 10:29 am
Hello.
Can you consider to introduce a stronger authentication for console ?
Hello.
Can you consider to introduce a stronger authentication for console ?
admin
3,054 Posts
Quote from admin on June 18, 2025, 12:26 pm
Can you elaborate more ? Are you referring to access to the web/ui ? is logging with password over https not secure enough ?
Can you elaborate more ? Are you referring to access to the web/ui ? is logging with password over https not secure enough ?
f.cuseo
96 Posts
Quote from f.cuseo on June 18, 2025, 1:39 pm
Quote from admin on June 18, 2025, 12:26 pm
Can you elaborate more ? Are you referring to access to the web/ui ? is logging with password over https not secure enough ?
Yes, to access the Web/UI. https is not enough secure because a password can be guessed or stolen, so all our systems require MFA (using DUO MOBILE on Android or something similar).
I think that you can use some library like pyotp
Regards, Fabrizio
Quote from admin on June 18, 2025, 12:26 pm
Can you elaborate more ? Are you referring to access to the web/ui ? is logging with password over https not secure enough ?
Yes, to access the Web/UI. https is not enough secure because a password can be guessed or stolen, so all our systems require MFA (using DUO MOBILE on Android or something similar).
I think that you can use some library like pyotp
Regards, Fabrizio
jrottmann
1 Post
Quote from jrottmann on November 8, 2025, 10:21 pm
I completely agree — stronger authentication options would be great to have.
Adding MFA support would already be a big step forward.
Even better would be the option to integrate external identity providers via OpenID Connect, for example Keycloak or similar.
Those providers could also take care of MFA themselves, so it wouldn’t have to be implemented again in PetaSAN.
That would make it easier to align authentication with existing enterprise setups and security policies.
I completely agree — stronger authentication options would be great to have.
Adding MFA support would already be a big step forward.
Even better would be the option to integrate external identity providers via OpenID Connect, for example Keycloak or similar.
Those providers could also take care of MFA themselves, so it wouldn’t have to be implemented again in PetaSAN.
That would make it easier to align authentication with existing enterprise setups and security policies.
