Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 1:26 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Mon Oct 06, 2008 7:31 am 
Offline

Joined: Mon Jun 16, 2008 3:10 am
Posts: 25
Location: Sydney, Australia
Hi all,

Can we get a password added to the openid server? I feel somewhat insecure knowing if my yubikey gets lost, someone could authenticate as me. I think it's important to be sure with the "something you have" and "something you know" methodology.

THanks!


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Mon Oct 20, 2008 12:23 pm 
Offline
Site Admin
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
Have you seen Clavid.Com? They provide a more full-featured OpenID server with YubiKey support, and they do support passwords.

As for our openid server, it is open source, so if you send patches to (optionally!) set a password and require that it is used for verification, I can review it. :) See source code at:

http://code.google.com/p/yubico-openid-server/

It is based on JanRain's example server.

/Simon


Top
 Profile  
Reply with quote  
PostPosted: Mon Oct 20, 2008 8:01 pm 
Offline
User avatar

Joined: Sun Aug 17, 2008 7:06 pm
Posts: 11
Location: Switzerland
Here the login settings screen of clavid where you can disable one-factor authentication and enable Yubikey & Password to assure two-factor authentication.

Attachment:
clavid-login-settings.jpg

_________________
YubiKey & OpenID/SAML => web security without compromising usability!


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 18, 2009 12:15 pm 
Offline
Site Admin
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
Massyn wrote:
Hi all,

Can we get a password added to the openid server? I feel somewhat insecure knowing if my yubikey gets lost, someone could authenticate as me. I think it's important to be sure with the "something you have" and "something you know" methodology.

THanks!


Good point, I have added an issue in our project around this:

http://code.google.com/p/yubico-openid- ... etail?id=1

We don't have time to implement this now, the reason is the complexity and size of this task, but I would be very happy if you or someone else took up the effort here and implemented this.

For our upcoming SAML server, we have created a separate administrative interface, see:

http://code.google.com/p/yubikey-simplesaml-admin/

Possibly something like that could be used for OpenID as well.

/Simon


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: YahooSeeker [Bot] and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group