You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@guacamole.apache.org by "Vincent Sherwood (Jira)" <ji...@apache.org> on 2022/11/30 09:44:00 UTC

[jira] [Commented] (GUACAMOLE-1689) TOTP - add property to remove (username) from Authenticator setup

    [ https://issues.apache.org/jira/browse/GUACAMOLE-1689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17641194#comment-17641194 ] 

Vincent Sherwood commented on GUACAMOLE-1689:
---------------------------------------------

I had never seen that is is possible to rename the userId part of the entry in Authenticator. That solves my concern easily. Thanks. 

Please close the ticket. 

 

> TOTP - add property to remove (username) from Authenticator setup
> -----------------------------------------------------------------
>
>                 Key: GUACAMOLE-1689
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1689
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole-auth-totp
>    Affects Versions: 1.4.0
>            Reporter: Vincent Sherwood
>            Priority: Minor
>
> When enrolling a user for TOTP, the barcode uses the text from the configured totp-issuer (or the default "Apache Guacamole") and appends " (username)" when creating the new entry in the Authenticator App. For example 
> totp-issuer DevTest
> {quote}DevTest (bloggs_joe)
> 123456
> {quote}
> This leaks valuable information (their username for the system) to anyone who might catch sight of a user's authenticator.
> For security conscious users it would be good to add an option in the config file to hide the username
> # totp-hideuser - Flag to hide username from generated authenticator entry. Set value to 1 to hide the username. (Default 0) 
> totp-issuer DevTest
> totp-hideuser 1
> {quote}DevTest
> 123456
> {quote}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)