How The Linux Foundation and Fedora are Addressing Workstation Security (Linux.com)
Over at Linux.com, Linux Foundation (LF) system administrator Konstantin Ryabitsev describes a joint effort by the LF and the Fedora project to support two-factor authentication in Linux. The article describes multi-factor authentication, some of the problems inherent with using hardware tokens, and notes that smartphones can provide much of the same functionality without requiring a dedicated device. "Nearly all of us carry a powerful computer in our pocket that is more than capable of calculating and displaying TOTP [Time-based One-Time Password] tokens. Google recognized this a while back and released a free mobile app called 'Google Authenticator,' available on most mobile platforms. Anyone can set up two-factor authentication for their Google Account using the Authenticator, but the best part is that it's not just limited to Google's services. Since TOTP is an open standard, any infrastructure can use Google Authenticator to provision their own software tokens and implement TOTP-based two-factor authentication for their services."