Skip to main content

The WiKID Blog

The WiKID Blog, musings on two-factor authentication, information security and some other stuff.

The two things that actually work in information security and how to deploy them.

I was struck by this tweet by @chrisrollf:
2FA and VPNs  - 2 things that work

Sophos & Two-factor authentication

We tested integrating WiKID for two-factor authentication to a Sophos UTM VPN.  We documented the SSL-VPN, the LT2P /IPSec VPN and locking down administrator access.  Before you do any of these, you must first enable two-factor authentication on the Sophos VPN.

How can I install Oracle JDK 8 from the command line?

Note that you can install openjdk 8:

Self-hosted or Authentication-as-a-service?

So, we just released a freemium offering.  That's typically a SaaS marketing move.   Various hosted solutions have freemium two-factor authentication offerings.  However, many, many people are uncomfortable outsourcing the keys to their kingdom.  The reason we are willing to offer a piece of server software as a freemium product is that we are highly confident that the support costs will be minimal.  Our server is very robust and rugged.  It runs and runs.  Come to our IRC channel (#wikid on freenode) and ask some customers.  In fact, one of our biggest issues is that customers don't upgrade the server because they never have issues with it.

Authentication-as-a-Service offerings are not really 'software-free' either.  RADIUS, the primary authentication protocol for all enterprises is not encrypted.  So any AaaS service you use requires that you install software to proxy these requests.  Our goal is to make it as easy to install WiKID as it is to install these proxies.  On top of that, we offer advanced RADIUS functionality like Return-attributes, groups  as well as other protocols like TACACS+.

In addition, WiKID is easier for the end-user than 'two-step authentication'.  With WiKID, you get the OTP and login. That's better than logging in with a username and password, then getting an OTP and logging in.  Users do not need an extra hassle.

New eGuide on Adding Two-factor Authentication to your Network

Multi-factor authentication is a key requirement for securing infrastructure, we have tried our best to make it less expensive and less of a headache for users and admins. We do a lot of work helping systems administrators integrate two-factor authentication. These efforts often involve supporting other products and we're ok with that. People ask us "Do you work with my VPN?" So we often produce tutorials on how to add two-factor authentication a specific product, like OpenVPN or a Cisco box or a Juniper UAC.

Recent Posts







RSS / Atom