NAME

       pam_barada - PAM module to allow HOTP authentication

SYNOPSIS

       pam_barada.so

DESCRIPTION

       This PAM  module is designed to provide two-factor authentication support, based on an algorithm outlined
       in RFC 4226 known as HOTP.

       And  that's  why  this  exists.  It's an implementation of the HOTP protocol in the form of a PAM module.
       Basically, in addition to a normal password, users are also assigned a 128 bit key  and  arbitrary-length
       PIN  number.  Every  time  you'd  like  to  login  using a OTP, you calculate a secure hash based on your
       assigned PIN and an increasing counter, the result of which is a six character one time password.

       While this module could be used in conjunction  with  many  different  client  devices,  it  was  written
       specifically  with  Android  devices in mind.  There is companion software which runs on Android, so that
       your phone essentially becomes a SecureID token.  All you need to do is open up  the  software,  type  in
       your PIN, and you get back a 6-character number that you can use to login to your system.

MODULE TYPES PROVIDED

       Only the auth type is provided.

EXAMPLES

       Add the following line to /etc/pam.d/login to HOTP style login:

              auth    sufficient  pam_barada.so

SEE ALSO

       barada-add(8), pam.conf(5)

       RFC 4226 - HOTP: An HMAC-Based One-Time Password Algorithm
              http://www.rfc-editor.org/rfc/rfc4226.txt

Linux                                              2012-06-02                                      PAM_BARADA(8)