Home > IAM, Security, Sysadmin > OpenSSO, OpenID and Yubikey, the perfect personal SSO: cheap, and secure

OpenSSO, OpenID and Yubikey, the perfect personal SSO: cheap, and secure

August 3rd, 2009 Leave a comment Go to comments

As a new owner of an yubikey, I was looking the best way to integrate it with the web application I already use. While there is already an available OpenID provider which support Yubikey authentication, I prefer to manage my own system, using OpenSSO for sure :)
Yubikey
First, let me introduce the yubikey. This USB key act as an OTP (One Time Password) device, each time you press the button, the key compute a new password. This pasword must be verify, in the case of Yubikey, this is done by query a Webservices on a yubico (the company) server. Yubikey offers a lot of advantages than others classical OTP devices, including:

  • The yubikey is see as an USB keyboard (class HID), no driver required!
  • No battery, more longlife than anothers devices
  • Very cheap, around 20 euros (ordered by 10, from France), transport and taxes included

So, why choose OpenSSO? For few years know, OpenSSO provides an extension to act as an OpenID provider, and an authentication class is available for the Yubikey.

OpenSSO OpenID Yubikey

References:

Categories: IAM, Security, Sysadmin Tags: , ,
  1. December 11th, 2009 at 09:30 | #1

    If you own a yubikey you should try a swekey.

    The swekey is already integrated in numerous open source apps (including wordpress) and you don’t even need to press a button to authenticate yourself.

  1. August 3rd, 2009 at 19:00 | #1