Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Hardening admin security
« on November 5th, 2012, 05:59 PM »
Another random idea.

So, when you go into the admin panel, moderation panel or editing other users' profiles, you're required to revalidate your password for one hour.

Not so much the moderation panel or profiles, but for the admin panel, what if instead of re-entering your password, it sent you an email with a one-time use code, on provision of which you would get access to the admin panel?

Same deal otherwise - revalidate an hour later. But it is something a bit stronger than just your password. The reason I suggest this is that if you have someone trying to force their way into the admin panel, they would have to do more than just brute force your password. (Quite a bit more, really)

Of course, it would be disabled by default, mostly for those of us on WampServer or whatever who don't have email servers set up ;) - if you already have access to the database anyway to be able to change this you're already powerful enough.
When we unite against a common enemy that attacks our ethos, it nurtures group solidarity. Trolls are sensational, yes, but we keep everyone honest. | Game Memorial
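The flow described in the post (mail a one-time code, accept it once, then leave the admin panel open for an hour, with the whole thing switched off by default), as an added Python sketch. This is example code written for this thread, not anything from the forum software itself; the 15-minute code lifetime, the five-guess limit, the send_email/check_password callbacks and the in-memory dictionaries are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import time

# Assumed policy values for this example (the post only fixes the one-hour revalidation).
CODE_TTL = 15 * 60        # seconds a mailed code stays usable
SESSION_TTL = 60 * 60     # one hour of admin access after a successful check, as in the post
MAX_ATTEMPTS = 5          # wrong guesses allowed before the code is thrown away


class AdminGate:
    """Gate in front of the admin panel: a mailed one-time code, or a plain
    password check when the email step is switched off (the post's default)."""

    def __init__(self, send_email, check_password, email_code_enabled=False, clock=time.time):
        self.send_email = send_email            # callable(address, code): delivers the code
        self.check_password = check_password    # callable(user_id, password) -> bool
        self.email_code_enabled = email_code_enabled
        self.clock = clock                      # injectable so expiry can be exercised
        self._pending = {}      # user_id -> (sha256 hex of code, issued_at, failed attempts)
        self._validated = {}    # user_id -> time of last successful revalidation

    @staticmethod
    def _digest(code):
        return hashlib.sha256(code.encode()).hexdigest()

    def request_code(self, user_id, address):
        """Mint a fresh code, store only its hash, and hand the plaintext to the mailer."""
        code = secrets.token_urlsafe(24)   # 192 random bits: not guessable in five tries
        self._pending[user_id] = (self._digest(code), self.clock(), 0)
        self.send_email(address, code)

    def submit_code(self, user_id, code):
        """True iff the code is the current, unexpired, unused one for this user."""
        entry = self._pending.get(user_id)
        if entry is None:
            return False
        code_hash, issued_at, attempts = entry
        now = self.clock()
        if now - issued_at > CODE_TTL or attempts >= MAX_ATTEMPTS:
            del self._pending[user_id]         # stale or hammered: force a new code
            return False
        if not hmac.compare_digest(code_hash, self._digest(code)):
            self._pending[user_id] = (code_hash, issued_at, attempts + 1)
            return False
        del self._pending[user_id]             # one-time use: gone once accepted
        self._validated[user_id] = now
        return True

    def submit_password(self, user_id, password):
        """Fallback for when the email step is disabled; same one-hour window.
        With the email step on, a password alone does not open the panel."""
        if self.email_code_enabled or not self.check_password(user_id, password):
            return False
        self._validated[user_id] = self.clock()
        return True

    def is_validated(self, user_id):
        t = self._validated.get(user_id)
        return t is not None and self.clock() - t <= SESSION_TTL


if __name__ == "__main__":
    outbox = []   # constructed stand-in for the mail server
    gate = AdminGate(send_email=lambda addr, code: outbox.append((addr, code)),
                     check_password=lambda u, p: p == "correct horse",   # constructed stand-in
                     email_code_enabled=True)
    gate.request_code("alice", "alice@example.invalid")
    print("right code accepted:", gate.submit_code("alice", outbox[-1][1]))
    print("same code a second time:", gate.submit_code("alice", outbox[-1][1]))
```

Only the hash of the code is kept server-side, so a database read after the mail went out does not give the code away; the comparison is constant-time; and a code dies on first use, on expiry, or after a handful of wrong guesses, which is what makes the "more than just brute force your password" point in the post hold.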

Anthony`

  • Posts: 53
Re: Hardening admin security
« Reply #1, on November 5th, 2012, 10:52 PM »
This is a great idea. It's not very often hackers have access both to an admin password and the person's e-mail account (at least in my experience).

MultiformeIngegno

  • Posts: 1,337
Re: Hardening admin security
« Reply #2, on November 6th, 2012, 12:55 AM »
I know you don't like Google, but I'd suggest Google Authenticator API (open source) :D

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: Hardening admin security
« Reply #3, on November 6th, 2012, 01:03 AM »
I *really* don't like that idea. Not just because I find Google increasingly creepy, but because I find the idea of turning admin control of a site over to a third party for 'authentication'.

MultiformeIngegno

  • Posts: 1,337
Re: Hardening admin security
« Reply #4, on November 6th, 2012, 01:13 AM »
Well, there could be a manual option to disable it (editing the config file) if there are problems (and switch back to the "normal" method). This wouldn't decrease security because to disable it an attacker would have to have FTP access (and if they have that, they also know the DB password..)

edit: anyway, also big sites started using it, such as Dropbox and Amazon web services ;)

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: Hardening admin security
« Reply #5, on November 6th, 2012, 01:14 AM »
There would still have to be a manual method, in case of email troubles anyway. But this just seems to be including a whole level of extra stuff just for the sake of using "Google Authenticator" when 95% of the effect can be achieved for a fraction of the effort.

If you're running a forum, you've already got email.

MultiformeIngegno

  • Posts: 1,337
Re: Hardening admin security
« Reply #6, on November 6th, 2012, 01:18 AM »
Oh, talking about extra stuff and the effort of including it, I can't speak. I can only report that it's extremely comfortable (I use it for quite a few services) and, as my edit said, big projects are also starting to use it (Dropbox, AWS).
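For reference on what the "Google Authenticator" suggestion actually involves: the app implements the open TOTP standard (RFC 6238, built on RFC 4226 HOTP), so a code is an HMAC-SHA1 over a shared secret and the current 30-second time step, and the forum checks it with a local computation. Below is an added Python implementation written for this thread, not code from the thread or from any forum project; the skew window of one step and the last_counter replay check are design choices assumed here, and the secret and timestamps used to exercise it are the published RFC test vectors.

```python
import base64
import hashlib
import hmac
import struct


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238 TOTP: HOTP with counter = floor(unix_time / step)."""
    return hotp(secret, int(unix_time) // step, digits)


def verify_totp(secret, submitted, unix_time, last_counter=-1, step=30, digits=6, window=1):
    """Return the counter that matched, or None.

    Tolerates +/- `window` steps of clock drift between phone and server, and
    refuses any counter <= last_counter (assumed to be stored per user) so a
    code that was already accepted cannot be replayed within the window."""
    current = int(unix_time) // step
    for candidate in range(current - window, current + window + 1):
        if candidate <= last_counter:
            continue
        if hmac.compare_digest(hotp(secret, candidate, digits), submitted):
            return candidate
    return None


def secret_from_base32(text):
    """Authenticator apps are provisioned with a base32 secret, usually shown unpadded."""
    text = text.strip().replace(" ", "").upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))


if __name__ == "__main__":
    rfc_secret = b"12345678901234567890"   # test secret from RFC 4226 / RFC 6238
    print("code at t=59:", totp(rfc_secret, 59))
    print("matched counter:", verify_totp(rfc_secret, totp(rfc_secret, 59), 59))
```

The server-side state is one secret per admin plus the last accepted counter; nothing leaves the host, and the mail server question from the rest of the thread does not arise. The trade-off is the one Arantor raises below in a different form: the secret has to be provisioned to a phone once, and there still has to be a recovery path when that phone is gone.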

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: Hardening admin security
« Reply #7, on November 6th, 2012, 01:24 AM »
How is it more comfortable to use than clicking on a link in an email?

MultiformeIngegno

  • Posts: 1,337
Re: Hardening admin security
« Reply #8, on November 6th, 2012, 01:34 AM »
Quote from Arantor on November 6th, 2012, 01:24 AM
How is it more comfortable to use than clicking on a link in an email?
You don't need to have sendmail() enabled or postfix/exim installed.. and it's more modern than email links (they look so.. old style! :P)
From the user's POV, he doesn't need to remove the emails from his inbox! If he logs in often his inbox would be full.

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: Hardening admin security
« Reply #9, on November 6th, 2012, 01:36 AM »
Aside from the fact I already said it would be disableable anyway (including by default), a forum that's running without email facilities is likely to be limited anyway...

Being honest, I get annoyed with this sort of suggestion, because it just makes me feel like I shouldn't try to have ideas because they all end up leading back to the fecking Google monster in some fashion. All I'm hearing is "Whatever your idea is, it's cute but it would be better with Google." Maybe I'm just taking it less than wonderfully but that's how I'm seeing it right now. It reminds me of the vBulletin vs XenForo video where the one side is reduced to saying "But we have Kier Darby" as an argument technique.

Can't be arsed to make this core because providing something like this in the core is going to cause more problems than it would save - Google tentacles notwithstanding.

MultiformeIngegno

  • Posts: 1,337
Re: Hardening admin security
« Reply #10, on November 6th, 2012, 01:41 AM »
Maybe you're right about Google's tentacles, but I think that in this case they're not being.. "evil". :P
It's an open source project, they're not inserting any strange code (iframe, js or other).
Anyway it's your choice, I'm not pretending anything (of course) :)
Just talking

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: Hardening admin security
« Reply #11, on November 6th, 2012, 01:50 AM »
Quote
It's an open source project, they're not inserting any strange code (iframe, js or other).
Please tell me you're not that naive. It's not about inserting ads. It's a way of tracking you. They know what you're logging into. They could even perform a type of MITM attack on you if they wanted.

On a similar note, Google Analytics isn't about advertising to you, it's about tracking you, watching where you go. If they know where you're going, what you're logging into (bearing in mind you're tying it to a Google account, no less), they're going to advertise to you more like that on their other services. Everything goes towards bolstering their profile of you.

godboko71

  • Fence accomplished!
  • Hello
  • Posts: 361
Re: Hardening admin security
« Reply #12, on November 6th, 2012, 01:51 AM »
I like the idea of email, heck even a text would be cool too. No need for Google's involvement. 
Thank you,
Boko

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: Hardening admin security
« Reply #13, on November 6th, 2012, 01:54 AM »
Of course a text would be cool. Let me know when you figure out how to send a text from off the shelf web hosting.

godboko71

  • Fence accomplished!
  • Hello
  • Posts: 361
Re: Hardening admin security
« Reply #14, on November 6th, 2012, 01:56 AM »
Well, if you know the carrier's @whatever you could just send an email to that phone number + @whatever. Email is plenty though, no need for texts either :P