Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 4:54 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Tue Jan 26, 2010 3:29 pm 
Offline

Joined: Tue Jan 19, 2010 4:21 am
Posts: 5
Hi,

I mentioned this in another topic however it wasn't probably in the best place.

Does anyone else think it would be useful for yubico to maintain a log of authentication requests and times? (and maybe the ip address the authentication request was made from). I can see some situations where it may be useful to see if anyone has used your yubikey.

As I suggested in the thread the history kept could be short ( a week of authentication requests of the last 100 or something) so yubico doesnt have maintain lots of records.

Also i think it could be opt in i.e. By default it doesnt log. ( I can see some people not wanting it logged.). It could be an option when you upload an AES key Also optin would be a good idea so yubico isn't logging info for people who dont want it.

Finally I think the log shouldnt be deleteable. It will just auto delete after the retention peroid. Otherwise someone with your key would just delete the records. With a non deleteable authentication log you could check the within the retention peoid and find out if it had been used.

Ofcourse this could be implemented if you run your own validation and key storage server.. but if yubico offered this it would be fantastic.


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 6 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group