Already, this is fantastic, providing a ZT Central alternative. One of my chief concerns about ZT Central is the lack of some sort of extra authentication, as it would be trivial to add nodes to existing networks if an attacker gained access to the Central infrastructure. Similarly, simply compromising user credentials would open this door as well. To solve problem 2 (compromised credentials), it is proposed to use the Speakeasy library:
Already, this is fantastic, providing a ZT Central alternative. One of my chief concerns about ZT Central is the lack of some sort of extra authentication, as it would be trivial to add nodes to existing networks if an attacker gained access to the Central infrastructure. Similarly, simply compromising user credentials would open this door as well. To solve problem 2 (compromised credentials), it is proposed to use the Speakeasy library:
https://www.npmjs.com/package/speakeasy
This would enable a relatively straightforward and simple TOTP-based MFA implementation.
Thoughts? Michael