Viewing posts by root
When do I need a commercial license?
Posted by: root 15 years, 11 months ago
If you want support, if you want one of the wireless software tokens clients,
or if you want RADIUS support, you should get the Enterprise version. In general, for
enterprise deployments, we recommend the Enterprise version. Or, if you like the project and just want to support us, buy the Enterprise version.
Will the WiKID token run on a USB Token?
Posted by: root 15 years, 11 months ago
Yes. It can run on any USB drive and because we use asymmetric keys and the key pairs will be generated on the USB drive, the distribution of tokens is much easier. Any user can get any fresh USB drive and use it.
What is the base architecture of WiKID Authentication?
Posted by: root 15 years, 11 months ago
WiKID Strong Authentication consists of two main elements, the WiKID Strong Authentication Server and the WiKID Two-factor Client for user devices. The WiKID Strong Authentication Server interfaces with various Network Clients, such as firewalls, VPN services, Citrix, directories or applications via Protocol Modules, such as RADIUS, LDAP, SMB or the WiKID Authentication Protocol, an SSL-encapsulated API for web-enabled application integration.
When a user wants to login,say to a VPN service, they enter a PIN into the WiKID Software token client, it is encrypted by the public key of the WiKID server and sent to the server. If the encryption is valid, the PIN is correct and the account is active, the server returns the one-time passcode encrypted by the Client's public key. The user then enter their username and one-time passcode into the VPN client. The VPN service forwards the credentials to the WiKID server via a protocol such as Radius for validation.
What are WiKID "Domains"?
Posted by: root 15 years, 11 months ago
A WiKID Strong Authentication Server is capable of managing multiple domains. A domain segregates users with respect to access and security. For example, remote office users would be associated with a VPN domain that granted access through a Cisco ASA service. Remote access to the Cisco ASA itself could be granted to administrators using a separate domain. Each domain can have different security elements such as PIN length, passcode lifetime, maximum bad PIN attempts, etc.
The WiKID client is capable of working with domains across multiple authentication servers, even from different enterprises, with no reduction in security. Thus WiKID is ideally suited for the Internet age.
But we can't ask non-employees to run software on their PCs. What can we do about vendors?
Posted by: root 15 years, 11 months ago
We suggest you use USB tokens or wireless tokens.
Recent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)