Feature #1248
Yubikey Authentication Patch
| Status : | New | Start : | 08/07/2008 | |
| Priority : | Normal | Due date : | ||
| Assigned to : | - | % Done : | 0% |
|
| Category : | backend | |||
| Target version : | - | |||
| Resolution : |
Description
Hi,
I have created a patch to integrate Yubikey authentication into Typo. Yubikey's are small USB devices that generate one-time passwords. You can read about the Yubikey here.
This implementation uses Yubico's authentication web service. It includes UI mods for admins to configure and enable/disable Yubikey authentication. Also, there are user-spefic UI changes to enter his public ID and enable/disable authentication.
When enabled, in addition to "Username" & "Password," the login screen shows a third field "Yubikey OTP" (one-time password).
The patch was created against revision 1782.
This is a cool and useful feature that enhances security, but it might be kind of hard to test without an actual Yubikey. Feel free to contact me to work this out.
-D
History
08/09/2008 12:28 AM - Dirk Merkel
- File yubikey_authentication.diff added
The diff file attached to the first message in this issue is missing two files that are new altogether - sorry about that. I'm attached the correct diff file to this message.
-D
08/21/2008 04:48 PM - Matijs van Zuijlen
Maybe this can be reworked into a plugin? There are many OTP providers out there. Having an entry for each doesn't make much sense.
08/22/2008 06:47 PM - Dirk Merkel
I don't know whether the same level of integration would be possible with a plugin. The way it works right now, none of the user UI options appear unless the admin has enabled Yubikey authentication. Adding other OTP schemes should be possible in the same manner. Adding this patch should not affect an existing Typo installation until the admin decides to enable Yubikey authentication.