Fregf
commented
5 years ago The same for forcing a step_size, which apparently is also configurable in the user's .google_authenticator file.
Open Fregf opened 5 years ago
Fregf
commented
5 years ago The same for forcing a step_size, which apparently is also configurable in the user's .google_authenticator file.
ThomasHabets
commented
5 years ago This seems like a general issue where I can imagine sysadmins also wanting to force HOTP over TOTP, or the other way around.
There should be an option to force the window_size to be 3 in the pam module. Otherwise users can reduce security of their account by setting a high window_size.