Skip to main content

open-source-two-factor-authentication-for-google

Gotta love open source. To paraphrase, if the project you are looking for doesn't exist, just wait (or start it yourself). I've been wanting to do a proof-of-concept on adding two-factor authentication to Google Apps for you Domain for a long time. And while we will probably put this functionality into the WiKID server down the road, I wanted something right now :).

Today, we released a WiKID plugin for the GHeimdall (silent G) project. GHeimdall is a TurboGears project for Google Apps SSO service that allows you to use your own authentication service to log into Google Apps for your Domain. There are sample plugins that made it quite easy to create a WiKID plugin using our Python code.

Applications in the cloud like Google's Apps face serious security threats from keystroke loggers and potential Man-in-the-middle attacks. While these threats won't stop most personal users, it can be an issue for corporate users or people that care about security. Eventually, the threats might seriously impede market growth. One friend of mine had his Yahoo mail credentials stolen. He had no option but to get a new account (this time on GMail) and he lost all this emails and contact information as it was his only account and he used it for business. What did the attackers gain? A valid account from which they could send spam. And they probably sent spam to all his contacts.

You can upgrade your Google Apps account to the Premier Edition for 30 days. You can also download and test the WiKID two-factor authentication server for 30 days or use the open source community edition.

The WiKID-GHeimdall plugin is pretty basic and it works, but should be considered "experimental". There is a how-to in the package. Thanks to Takashi Matsuo for his help and for developing GHeimdall.

Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom