Skip to main content

The WiKID Blog

Viewing posts by root

But we can't ask non-employees to run software on their PCs. What can we do about vendors?

We suggest you use USB tokens or wireless tokens.

Why did you release an open source version?

We want people to use our software.

We benefit from feedback from users whether they pay or not.

We want to partner, not just with proprietary software developers, but also open source projects and other 'dual source' companies.

We hope that evaluators will actually look at the code for weaknesses and help us make the product better. It ain't fixed until you've broken it.

We use open source software everyday and wanted to give something back.

How can a software token be as secure as a hardware token?

Simple, really.

There are two factors: possession of the private key and knowledge of the PIN. The private key is stored on the client. Our PC client, for example, this key is in a password-protected PKS12 encrypted file. If someone steals this file and brute-force attacks it and gets the passcode, they are only half-way there.

They still need the PIN. The PIN is stored encrypted on the WiKID server. Losing the private key is the equivalent of losing a hardware token. You're only half-way there.

Typical software tokens store the PIN, the secret and the algorythm all in the client. Clearly this is not the way to do it.

Can I use WiKID for two-factor authentication for GDM/XDM/Gnome/KDE login?

Most Linux services use PAM, so 'Yes'. Just configure /etc/pam.d/login to use Radius and you should be good to go.

Will WiKID Strong Authentication work in my network?

The short answer is 'yes'. Chances are that your network devices, whether they are Cisco switches or Nortel VPN concentrators, a custom web-application or a home-baked Linux firewalls, WiKID will work out of the box. Additionally, we can add network protocols with relative ease, if you're not covered by Radius, LDAP or the other major protocols. Finally, we offer a simple API and implementations in a number of languages - Java, COM, Python, PHP and Ruby - so you can easily add two-factor authentication to your custom applications.

Recent Posts







RSS / Atom