I love Windows Home Server very much, and recommend it constantly. I did a lot of research before settling on a backup solution and I can confidently say that WHS meets and exceeds all my requirements. What I wanted was centralized storage and backup, and what I ended up with was that in spades, plus a whole lot more besides.
One of my favorite features that I didn’t even know I needed is the remote access support in WHS. I can log on to my server remotely, download and upload files, view photo albums, and even make proxied remote desktop connections into my home pcs/mediacenter. BUT, this brings me to my main complaint about WHS. There is no built-in support for strong authentication. If I’m exposing all my data and machines to the internet at large, I want a lot more than a keyloggable password standing in the way.
So, I’m working on an add-in that will enable some two-factor auth models, and I will be recording my efforts here. My solution will revolve around introducing a model to enable requiring a one time password in addition to the remote access acount password, and initially I will be suppporting OTPs furnished by the yubikey token. The yubikey is a cheap hardware OTP token that uses all open source software in the backend.
I already have most of the prep-work done for this project, and am just waiting for my yubikeys to arrive. I’ll be detailing more of my solution as I go along, and I’ll be publishing this project on codeplex once I can do some concrete testing and stabilization, and I hope it will help the community improve authentication on the WHS platform.