[Request] Add QR Code To Token Delivery
[Request] Add QR Code To Token Delivery
As the title says, it would be useful to have the token expressed as a QR Code when delivered via browser or email. It would make life much easier when adding a new token to OpenVPN on a mobile device.
-
gee548
Re: [Request] Add QR Code To Token Delivery
QR via browser so would it also be possible to have the hashed SHA512 token value encoded as 2nd optional QR code?
@parityboy neat idea !
ofc over the shoulder capture from a fair distance has to be factored in xDDD
@parityboy neat idea !
ofc over the shoulder capture from a fair distance has to be factored in xDDD
-
PrivacyActivist
- Posts: 4
- Joined: Thu Jun 15, 2017 10:29 pm
Re: [Request] Add QR Code To Token Delivery
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I suppose it's a cool idea but... It might be simpler for the user to login to their email from their mobile phone. If they don't trust Android or iOS (which I wouldn't blame them) they could manually navigate to the main website and manually enter their token and hash it from the mobile phone.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJZRMteAAoJEMU/If9VVRgPCrYP/i6SQFa8FOAJf94oD84HWKYD
6CGGzGUtobxrtEouKa+2EDYahd2bciau7zUx1mfY+dvENLPLTe19nsPRtrlkufY3
sC6BG2cTNDhWH+QxTiIuqwLDL2zx96+JMWLjDz296+ThoTd7KDYLDRtMcqusjM70
10axRzeAJwd0rGL5vVop4w9kPfVQ/AgFQgliU+QCxEYP5iGghaqd3wGtbB++76I1
tuFs/yXnVD5VBJzpLxon1kGmMYpgzkXN0w2HG8c2dw35PMxo+bVNf0cTPQsMuNKz
wkTlrAGYqjTrFvbmJOhhzKHrPNfBpGAjjSsAP4Hv7/DOWHYAws2zxF/zi+TU3hJX
xFoud13es0PpKitsKE3N7BU7tfqpGwxPiVZ+k4EokSFjEQQAu4ueHnsxRz3JtoZX
sxxvUFQWZi3ZAZVspI+y1Puh/ITcvKKTaIqwQfmXVmN3ud2r0wiUtMeSJd5QLbj/
BdR3J68dnly19mytGfLkrCrYmxq3AcWCUGcc8m0mGLpe34BK9c4OkyPrwiSqQHUF
imZ3/Pay/4FWOdzhuijQUVa52vJEgZwfAGE/XrGymtxrIfnuJjpMLlHzaKK60BBC
YOmmDrwFFC0AN9ggrcorMsVYoKE/I3+6vAwCsOxDIw38aqLyxghnUrl/7bOL7YWY
cvq74L7wipJD2PUy6UmW
=tGVe
-----END PGP SIGNATURE-----
Hash: SHA512
I suppose it's a cool idea but... It might be simpler for the user to login to their email from their mobile phone. If they don't trust Android or iOS (which I wouldn't blame them) they could manually navigate to the main website and manually enter their token and hash it from the mobile phone.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJZRMteAAoJEMU/If9VVRgPCrYP/i6SQFa8FOAJf94oD84HWKYD
6CGGzGUtobxrtEouKa+2EDYahd2bciau7zUx1mfY+dvENLPLTe19nsPRtrlkufY3
sC6BG2cTNDhWH+QxTiIuqwLDL2zx96+JMWLjDz296+ThoTd7KDYLDRtMcqusjM70
10axRzeAJwd0rGL5vVop4w9kPfVQ/AgFQgliU+QCxEYP5iGghaqd3wGtbB++76I1
tuFs/yXnVD5VBJzpLxon1kGmMYpgzkXN0w2HG8c2dw35PMxo+bVNf0cTPQsMuNKz
wkTlrAGYqjTrFvbmJOhhzKHrPNfBpGAjjSsAP4Hv7/DOWHYAws2zxF/zi+TU3hJX
xFoud13es0PpKitsKE3N7BU7tfqpGwxPiVZ+k4EokSFjEQQAu4ueHnsxRz3JtoZX
sxxvUFQWZi3ZAZVspI+y1Puh/ITcvKKTaIqwQfmXVmN3ud2r0wiUtMeSJd5QLbj/
BdR3J68dnly19mytGfLkrCrYmxq3AcWCUGcc8m0mGLpe34BK9c4OkyPrwiSqQHUF
imZ3/Pay/4FWOdzhuijQUVa52vJEgZwfAGE/XrGymtxrIfnuJjpMLlHzaKK60BBC
YOmmDrwFFC0AN9ggrcorMsVYoKE/I3+6vAwCsOxDIw38aqLyxghnUrl/7bOL7YWY
cvq74L7wipJD2PUy6UmW
=tGVe
-----END PGP SIGNATURE-----
☢ Unofficial Support ☢ All messages are signed with my PGP key (so you can verify that the message has been created by me and has not been tampered with or corrupted). You can view my key here.
Re: [Request] Add QR Code To Token Delivery
The reason we've never gotten around to implementing this is because the QR code would have to point to something, and without a protocol handler in the official OpenVPN app that we recommend, it wouldn't be possible to do a type of scan -> "preload token into app" thing.
So the only way I can think of to use QR codes for token deliver is if we coded our own Android/iOS app, and that's not something we plan on doing anytime soon.
So the only way I can think of to use QR codes for token deliver is if we coded our own Android/iOS app, and that's not something we plan on doing anytime soon.
Re: [Request] Add QR Code To Token Delivery
@df
It would be good enough to deliver the QR code in-browser in the same page where the token is delivered currently. This also gives CS the opportunity to pre-emptively hash the token and generate the QR code from that. Once it's imported into the phone, it's then up to the user to apply SHA512 (or not), and then copy & paste the result into Arne Schwab's OpenVPN client.
It would certainly make life a whole lot easier than the current situation, where a QR code has to be generated manually and then loaded into an image viewer before being scanned.
It would be good enough to deliver the QR code in-browser in the same page where the token is delivered currently. This also gives CS the opportunity to pre-emptively hash the token and generate the QR code from that. Once it's imported into the phone, it's then up to the user to apply SHA512 (or not), and then copy & paste the result into Arne Schwab's OpenVPN client.
It would certainly make life a whole lot easier than the current situation, where a QR code has to be generated manually and then loaded into an image viewer before being scanned.