WiKID Two-Factor Authentication plugin for PAS
WiKIDAuthPlugin is a Plone PAS plugin that once installed in the user folder will enable WiKID two-factor authentication for your Plone site.
WiKIDAuthPlugin is a Plone PAS plugin that once installed in the user
folder will enable WiKID two-factor authentication for your Plone
site. This is a very basic release. It was tested on 2.5.3 and on
3.0.6. If there is interest in this product, we will certainly work
to make it better. It requires pyOpenSSL and version 3.0 or higher of
the WiKID Strong Authentication Server.
WiKID is a dual-source two-factor authentication system. It consists
of: a PIN, stored in the user's head; a small, lightweight client that
encapsulates the private/public keys; and a server that stores the
public keys of the client's and the user's PIN. When the user
wants to login to a service, they start the client and enter their
PIN, which is encrypted and sent to the server. If the PIN is
correct, the account active and the encryption valid, the user is sent
a one-time passcode to use instead of a static password. The token
client can run on a Windows, Mac or Linux PC or a wireless device such
as a Blackberry, J2ME cellphone or Smartphone.
The WiKID PC tokens support mutual https authentication, thwarting
network-based Man-in-the-middle attacks. Simply add the https URL of
your Plone site to the domain as the "Registered URL". Combining SSL, mutual
authentication, two-factor authentication and Plone's robust security
and access control makes for a very secure site.
No stable release available yet.
|0.2||Release includes an updated WiKID Python network client with a bug fix allowing users to add a second token to an existing account using a one-time passcode from an existing token. More about this release…||
|0.1||This is an initial release. It works, but is not pretty :). More about this release…||