Swekey Authentication Module for OpenSSO
I just finished another OpenSSO Extension - this time, an authentication module for the Swekey authentication key (README, source). The authentication module prompts the user for their username and uses the Swekey to generate a one-time password, which is validated against the Swekey authentication server.
It’s interesting to contrast the Swekey with the Yubikey, which I covered here a few months ago. Where the Yubikey emulates a USB keyboard, requiring no special client software, the Swekey requires a driver. On the other hand, where the Swekey is invoked automatically by a browser plugin, requiring no user intervention apart from inserting the device into a USB port, the Yubikey requires the user to press its button and, potentially, ensure that the cursor is in the correct input field. One thing they do now have in common, though: they both work with OpenSSO :-)
So, if you have a Swekey, grab the authentication module, deploy it (see the README) and let me know how you get on.
Comments
Chris Mueller
We are running prototypes of Swekey auth modules at SSOCircle since one month. One module uses user name and swekey the other module uses user name, swekey and a pin for additional security. If you have a swekey give it a try:
Module 1 : https://idp.ssocircle.com/sso/UI/Login?module=swekey
Module 2: https://idp.ssocircle.com/sso/UI/Login?module=SwekeyPin
You need to link the swekey first to your account. You can do this at the self administration page.
A cool feature is the logout feature on detach we are just playing with. Just detach the swekey and you are logged out.
Pat Patterson
Neat stuff, Chris - I'll give it a go!
Leave a Comment
Your email address will not be published. Required fields are marked *