Open main menu

CDOT Wiki β

Changes

Yubikey Proposal

300 bytes added, 14:07, 24 October 2012
no edit summary
Yubikey is a two factor authentication mechanism that uses USB dongles to provide an encrypted password that is then decrypted by the machine and checked against an database on a server.
==Pros/Cons==
* PROS
** No drivers required
** Additional administration and tracking required to distribute dongles
==Considerations==
Best used in conjunction with other technology, eg: Full disk encryption, kerberos
Can be programmed to use a one time password mechanism or a reusable password that is concatenated to the end of a typed in password
Both require the yubikey to log in, the latter being easier to configure but the former being more secure
==Conclusions== Adding yubikey authentication to our existing infrastructure does increase authentication security, however it does little for physical security of machines. It's cross-platform nature makes it simple to integrate in our existing Windows, Mac and Linux computers and servers.
1
edit