Thread Rating:
  • 1 Vote(s) - 1 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Authentication by MAC Address?
#1
I have started to review this product as our company is looking to host an internal forum. However, due to the sensitivity of the information we are looking to make available, it is required by management that the connections be authenticated by MAC address, not by user. Is that something that this product is able to accomplish or that may be in the works for a future release?
#2
No, that is not possible right now and it is not planned. It can only be achieved via plugin.
MyBB-Plugins.com is for sale - check this thread for more information.
#3
This user has been denied support. This user has been denied support.
Even if you were able to authenticate by Mac address (they are only available in a local network scenario, i.e. when there is no router in between), it's easy to spoof mac addresses, so it's not a reliable form of authentication. HTTP offers its own authentication mechanism (configurable with htaccess / htpasswd), and if it's sensitive information you also want encryption (https). Maybe even consider VPN.
#4
Ok, so if the goal is to take away the ability for a user to give out a username/password and to have the information accessible only from the hardware that we choose (our own), then is a VPN with an installed client the best way to accomplish? I know we are getting away from the purpose of this thread.
#5
This user has been denied support. This user has been denied support.
I dunno about "best way" but VPN beats Mac address in any case, and depending on which VPN solution you choose (e.g. OpenVPN) the VPN server can also check the clients mac address so you get best of both worlds - mac address can be transferred over VPN regardless of your network situation (e.g. router between two locations) and its also encrypted and may require additional credentials (password etc) which is not known to the end user (if he works on a system where he does not have access to the vpn client setup).
#6
may be IP address based restriction is possible thru htaccess OR similar methods ...
#7
To everyone who has posted on the thread you havent looked at what you could actually do with this

i think this is actually possile but WILL require a plugin to be written

Have options in the admin cp where admin can add mac addresses
Have database to store mac addresses

When user visits site plugin checks database for the users mac address

If matched user visits forum if not something else is shown

#8
I actually wrote a plugin to do exactly that. The problem with MAC address auth is that they're easily spoofed.

No longer involved in the MyBB project.
#9
true but if the person who wants to spoof a mac doesnt have access to the database how do they know what to spoof it to be?
#10
(2012-02-13, 03:40 PM)TMGFX Wrote: true but if the person who wants to spoof a mac doesnt have access to the database how do they know what to spoof it to be?

The only time you could use MAC authentication is on a LAN, in which case it's likely other users will know how it's setup.
No longer involved in the MyBB project.


Forum Jump:


Users browsing this thread: 1 Guest(s)