Changes

Jump to: navigation, search

Yubikey Proposal

1,088 bytes added, 14:05, 24 October 2012
Created page with 'Yubikey is a two factor authentication mechanism that uses USB dongles to provide an encrypted password that is then decrypted by the machine and checked against an database on a…'
Yubikey is a two factor authentication mechanism that uses USB dongles to provide an encrypted password that is then decrypted by the machine and checked against an database on a server.

* PROS
** No drivers required
** Two factor authentication is more secure
** Easy integration
** Cross Platform
** Flexible, can be tied into many existing systems
** Open source server implementation
** Cheap to implement
** Multiple Authentication options
** Resistance to keyloggers

* Cons
** Requires Additional Infrastructure
** Authentication server can be imitated
** Does not offer real data security in case of machine theft
** Physical object (Can be stolen/lost)
** Additional administration and tracking required to distribute dongles

Considerations
Best used in conjunction with other technology, eg: Full disk encryption, kerberos
Can be programmed to use a one time password mechanism or a reusable password that is concatenated to the end of a typed in password

Both require the yubikey to log in, the latter being easier to configure but the former being more secure

Conclusions
1
edit

Navigation menu