| Yubico Forum https://forum.yubico.com/ |
|
| No password option for openid? https://forum.yubico.com/viewtopic.php?f=16&t=195 |
Page 1 of 1 |
| Author: | Massyn [ Mon Oct 06, 2008 7:31 am ] |
| Post subject: | No password option for openid? |
Hi all, Can we get a password added to the openid server? I feel somewhat insecure knowing if my yubikey gets lost, someone could authenticate as me. I think it's important to be sure with the "something you have" and "something you know" methodology. THanks! |
|
| Author: | Simon [ Mon Oct 20, 2008 12:23 pm ] |
| Post subject: | Re: No password option for openid? |
Have you seen Clavid.Com? They provide a more full-featured OpenID server with YubiKey support, and they do support passwords. As for our openid server, it is open source, so if you send patches to (optionally!) set a password and require that it is used for verification, I can review it.  See source code at:http://code.google.com/p/yubico-openid-server/ It is based on JanRain's example server. /Simon |
|
| Author: | Robert [ Mon Oct 20, 2008 8:01 pm ] |
| Post subject: | Re: No password option for openid? |
Here the login settings screen of clavid where you can disable one-factor authentication and enable Yubikey & Password to assure two-factor authentication. Attachment: clavid-login-settings.jpg
|
|
| Author: | Simon [ Wed Feb 18, 2009 12:15 pm ] |
| Post subject: | Re: No password option for openid? |
Massyn wrote: Hi all, Can we get a password added to the openid server? I feel somewhat insecure knowing if my yubikey gets lost, someone could authenticate as me. I think it's important to be sure with the "something you have" and "something you know" methodology. THanks! Good point, I have added an issue in our project around this: http://code.google.com/p/yubico-openid- ... etail?id=1 We don't have time to implement this now, the reason is the complexity and size of this task, but I would be very happy if you or someone else took up the effort here and implemented this. For our upcoming SAML server, we have created a separate administrative interface, see: http://code.google.com/p/yubikey-simplesaml-admin/ Possibly something like that could be used for OpenID as well. /Simon |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|