Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Password of the Day

    Scheduled Pinned Locked Moved Captive Portal
    4 Posts 4 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ChrisLynchC
      ChrisLynch
      last edited by

      Has anyone implemented a Password of the Day-like configuration with pfSense Captive Portal?  There are some firewall solutions that offer POTD as an option, and would love to use a feature like that instead of username/password.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        You could just update a RADIUS password and hard-code the username in the form.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan
          last edited by

          Design your own 'portal login page' with some PHP code.
          This code selects the day number of the month - and thus a hidden user-name-on-that-day. You do this only ones.

          Define each "user-name-on-that-day" in the pfSense's Local user manager. Each with a password for that unique user (for that day). Every month, fill up you 29/30/31 users with new passwords (POTD).

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 0
          • M
            muswellhillbilly
            last edited by

            I change some of my passwords weekly, but this could just as easily be done every day if need be.

            I keep a list of passwords in a text file, with one password on each line. I use a short script (rotatefile.sh) on the RADIUS server to pick up the password from the top of the file and put it at the bottom:

            #!/bin/sh

            Take first line of wordfile

            pw=head -n 1 /root/wordfile.txt
            echo "$pw"

            Delete first line in wordfile

            sed -i 1d /root/wordfile.txt

            Append wordfile with word taken from top

            echo $pw >> /root/wordfile.txt

            I then call this script from within another script which picks up the password from the file and uses it to update the entry for that login on the RADIUS server. Whether you use a flat-file or a SQL backend, either way it works:

            t4=/root/rotatefile.sh

            The t4 environment parameter can then be used to perform a 'sed' change on your users file or be parsed into your SQL database. As Derelict has suggested, you can post the username on the form itself if you need to.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.