Difference between revisions of "Yubikey Proposal"
(Created page with 'Yubikey is a two factor authentication mechanism that uses USB dongles to provide an encrypted password that is then decrypted by the machine and checked against an database on a…') |
(No difference)
|
Revision as of 14:05, 24 October 2012
Yubikey is a two factor authentication mechanism that uses USB dongles to provide an encrypted password that is then decrypted by the machine and checked against an database on a server.
- PROS
- No drivers required
- Two factor authentication is more secure
- Easy integration
- Cross Platform
- Flexible, can be tied into many existing systems
- Open source server implementation
- Cheap to implement
- Multiple Authentication options
- Resistance to keyloggers
- Cons
- Requires Additional Infrastructure
- Authentication server can be imitated
- Does not offer real data security in case of machine theft
- Physical object (Can be stolen/lost)
- Additional administration and tracking required to distribute dongles
Considerations Best used in conjunction with other technology, eg: Full disk encryption, kerberos Can be programmed to use a one time password mechanism or a reusable password that is concatenated to the end of a typed in password
Both require the yubikey to log in, the latter being easier to configure but the former being more secure
Conclusions