id,summary,reporter,owner,description,type,status,priority,milestone,component,resolution,keywords,cc 580,Authenticate users using YubiKey sticks,Nicklas Nordborg,Nicklas Nordborg,"The idea is to use the YubiKey one-time-password system for logging users into BASE. To be able to do this BASE ticket 1599 (http://base.thep.lu.se/ticket/1599) need to be implemented first. The basic scheme goes something like this: 1. The administrator of the BASE server assigns a YubiKey id to a user. This can be stored either in the 'externalId' field or as an extended property. 2. When logging in, the user uses the YubiKey to fill in the ""login"" field and enters the ""password"" as usual. The usual login name is not used. 3. The YubiKey login module check the BASE database for a user with the given YubiKey id. If a user is found, the key is sent to the ""cloud"" for verification. If no user is found the regular login/password authentication is used, but only users without any attached YubiKey id are allowed to use this.",task,closed,blocker,YubiKey v1.0,net.sf.basedb.yubikey,fixed,,