open source two-factor authentication system released
owen...@gmail.com
so, please check out the open source version of the WiKID Strong
Authentication System. The WiKID Strong Authentication System is a
key-based two-factor authentication system that is flexible enough to
replace passwords. We built WiKID to be a flexible, extensible, and
secure alternative to tokens or passwords. The project website is here:
https://sourceforge.net/projects/wikid-twofactor/
Here is a brief overview what we have released:
>> The WiKID Strong Authentication OSS server
>> A J2SE WiKID token client
>> Initial validation scripts (ASP) for automating new user additions
>> The windows dll network client component (for ASP apps, e.g.)
>> The java network client component (for jsp apps, e.g.)
>> Example jsp script for use writing your own WiKID protected jsp pages
>> TACACS+ and Openldap network clients - with more on the way
The server is packaged as RPMs for your convenience. SRPMs are
available too. It is tested on Fedora Core 4 with Tomcat 4.1.27.
Features include:
>> Easy to use web-based management
>> Replication for fault-tolerance
>> Highly scalable architecture
>> Each server supports multiple security domains pointed at difference
network resources
>> Each client supports of multiple domains - across multiple servers
>> Each user can have multiple clients in different locations
>> Configure passcode lifetime, PIN length, max bad PIN attempts and max
bad passcode attempts by domain
>> Automated user validation based on existing trusted credentials
>> No hardware token required; can be run from a USB token
>> Easier to use and more extensible than, yet as secure as a key fob token
>> More secure and easier to implement than client certificates
>> Extensible across multiple enterprises
>> Perfect for web-based applications, remote access and non-employee
strong authentication such as online banking
>> Open source, with commercial support available.
Feedback and contributions very much appreciated.
Nick