Difference between revisions of "Yubikey Proposal"

From CDOT Wiki
Jump to: navigation, search
(Created page with 'Yubikey is a two factor authentication mechanism that uses USB dongles to provide an encrypted password that is then decrypted by the machine and checked against an database on a…')
(No difference)

Revision as of 14:05, 24 October 2012

Yubikey is a two factor authentication mechanism that uses USB dongles to provide an encrypted password that is then decrypted by the machine and checked against an database on a server.

  • PROS
    • No drivers required
    • Two factor authentication is more secure
    • Easy integration
    • Cross Platform
    • Flexible, can be tied into many existing systems
    • Open source server implementation
    • Cheap to implement
    • Multiple Authentication options
    • Resistance to keyloggers
  • Cons
    • Requires Additional Infrastructure
    • Authentication server can be imitated
    • Does not offer real data security in case of machine theft
    • Physical object (Can be stolen/lost)
    • Additional administration and tracking required to distribute dongles

Considerations Best used in conjunction with other technology, eg: Full disk encryption, kerberos Can be programmed to use a one time password mechanism or a reusable password that is concatenated to the end of a typed in password

Both require the yubikey to log in, the latter being easier to configure but the former being more secure

Conclusions