I’ve found one article laying out how to do two-factor authentication in Meteor with Twilio SMS. I like this as a solution, but I can’t get over the fact that I’d be writing my own security for two-factor authentication. Anyone know of an existing package?
That article is here:
@awatson1978, did you run into this issue as well while working on HIPAA-compliant apps?
Not I. HIPAA has a lot of overlap with security, but when it gets to advanced topics, tends towards business solutions rather than technical solutions. After basic encryption is implemented, HIPAA security looks at implementing good business practices with policies and procedures, rather than implementing advanced encryption schemes like 2 factor auth.
That being said, the HL7 Argonaut FHIR project is in the process of implementing an OAuth2 server. It’s sort of like a 2 factor auth, and I’ve heard of people kludging it to do 2 factor.
If OAuth will suffice, I can provide leads on that; but that’s about exhausts my knowledge of security (and this HL7/OAuth package itself is definitely pushing the boundaries of my security knowledge. Any help would be much appreciated.)
Have you made any advance on the OAuth2 server? We will be working on creating such a package for Rocket.Chat next week.
Should we join forces?
Have you implemented this in Rocket.Chat?
Hi guys, we started the work and managed to get it working on Rocket.Chat