I am trying to set up an authentication scheme for my wifi network for home with which I can have the user enter a constantly changing 4-6 digit code based on the time (Like what you see in the MFA apps). Simple old Two-factor Authenticator.
My plan is to have an easy way for people to login to the wifi network without having to deal with passwords, but still, be quite secure. I already have an Arduino that changes numbers on a LED lighting display which I can later sync to the changing numbers and a source which defines the current valid numbers based on the time
I am thinking about creating a Custom Captive Portal with which I can embed code to pull the current Two-factor Code.
The main problem I am having is how to get a captive portal either on the main router or an offshoot device where I can have the user enter the number and then have them whitelisted in the main network and have access to everything like the printers and TV.
At first, I was thinking about putting it on a raspberry pi but some people say that's a bad idea or just not feasible. After reading a lot, I am just confused now.
I mean I was looking for "consumer" grade routers like nighthawk level stuff, but none of them seem to support custom captive pages. I guess if I had that option from the main home router I could just build it into there.
Anyway in summary what I want the user to experience:
- Connect to network with Custom Captive Portal (which knows/can-pull current Two-factor Code)
- Enter the Two-Factor Code
- Have their mac address or device be white listed in the wifi router
- if Custom captive portal is on wifi router then (stay connected) else (automatically have device connect to wifi router)
How should I go about this?