Personal tools
You are here: Home Community Version

Open Source Two-factor authentication: The WiKID Community Edition

About the Community Version

The WiKID Community Version is a free-as-in-speech two-factor authentication system. We have included every piece of the WiKID code, except code we licensed from 3rd parties. You can read more about the differences between the Community and Enterprise versions here.

If you have questions or need support, please post them on the Nabble Forums. 

The Community Edition can be downloaded from the Sourceforge Site.

What's included?

The WiKID Strong Authentication System consists of three parts: the WiKID server, the WiKID token client and a network client (such as a VPN, website or other service requesting authentication). The WiKID server is written in Java, as is the open source J2SE PC client. As part of this release, we are also releasing the following under the GPL:

  • ASP code for end-user self validation. New users can provision their own WiKID token clients based on trusted LAN credentials, in this case, Active Directory credentials. This code can easily be modified for other types of credentials.
  • The wAuth COM object and Java component. Network clients talk to the WiKID server using an SSL encrypted protocol - wAuth. These objects can be used to integrate WiKID into any application. The file example.jsp shows how easily this is done for Java-based web applications. The Citrix Web Interface and the ASP code for end-user validation show how simple this is for ASP applications.
  • The J2SE WiKID token clients. The token client is responsible for key generation, domain management and one-time password requests. It can run on your PC, a suitable PDA or on a device such as a USB token. The beta Firefox software token is also released under the GPL.
  • Please see the How-To section for information on using WiKID 2-Factor Authentication with TACACS+, OpenVPN, Squirrelmail and other IMAP services, and FreeNX, remote desktop and VNC

What can I do with it?

Get rid of your passwords!

If you manage multiple accounts and boxes across multiple entities, WiKID can help you reduce your password overload. One WiKID token can work with multiple WiKID servers, so, if you want to get rid of your static passwords, deploy WiKID in as many places as you can. To make this as easy as possible, we have published some articles on how to use WiKID with TACACS+, OpenVPN, Webmail/SquirrelMail, and FreeNX (and thus VNC and RDP).

WiKID is great for:

  • Strong authentication for remote access via a VPN
  • Strong Authentication for remote access via Citrix
  • Two-factor Authentication for extranet applications
  • Locking down internet-exposed intranets
  • Secure Online Banking - fight phishing and other attacks
  • Lock down SSH and other admin access
  • Any place you might have used certificates or token, but couldn't because of cost, hassle, etc.

Features

  • Easy to use Web Interface
  • Automated initial validation of users
  • Fault tolerance via replication
  • Highly scalable - each transaction is 300 bits +/-
  • Simple user disablement
  • Support for a number of network protocols
  • No need for time synchronization - Request-response architecture
  • Each client can support multiple relationships across multiple servers
  • Extensible across enterprises

 

SourceForge.net Logo
What People are Saying