[Desktop12.04-Topic] Improved Authentication
Matthew Paul Thomas
mpt at canonical.com
Wed Oct 5 17:01:01 UTC 2011
Robert Ancell wrote on 05/10/11 05:30:
>
> It would be nice to improve the authentication mechanisms in Ubuntu
> to be more user friendly and make it easier to enable modern
> authentication schemes. This will probably involve:
> - Reviewing the messages/prompts in PAM for appropriateness
> - Adding hints to PAM to allow GUIs to better display the prompts
> (i.e. if a prompt is for a password, key number, if prompting for a
> password change).
> - Improving the Unity Greeter prompts to interpret the hints
> - Improving PolicyKit to interpret the hints
> - Making it easier to enable non-password authentication (e.g. LDAP,
> two factor).
Two-factor authentication was discussed at UDS O, but not implemented.
<https://blueprints.launchpad.net/ubuntu/+spec/security-o-2factor-auth>
Two-factor authentication was discussed at UDS M, but not implemented.
<https://blueprints.launchpad.net/ubuntu/+spec/security-m-2-factor-auth>
Two-factor authentication was discussed at UDS L, but not implemented.
<https://blueprints.launchpad.net/ubuntu/+spec/security-lucid-2-factor-auth>
LDAP authentication was proposed for discussion at *six UDSes* from 2005
to 2010, and it was similarly discussed at three of them, but not
implemented.
<https://blueprints.launchpad.net/ubuntu/+spec/network-authentication>
I think we've run the experiment enough times now. Proposing either of
those features for discussion at UDS is, apparently, not a productive
thing to do. They are obviously useful and important features, but if
either of them is ever to be implemented, they need to be planned some
other way.
For example, instead of having a 55-minute fishbowl discussion, have an
all-morning or evening design and hacking session to actually start on
one of the features. If doing that during UDS would be too disruptive,
do it a week earlier, or two weeks earlier.
--
mpt
More information about the ubuntu-desktop
mailing list