Authenticate users using YubiKey sticks
|Reported by:||Nicklas Nordborg||Owned by:||Nicklas Nordborg|
The basic scheme goes something like this:
- The administrator of the BASE server assigns a YubiKey id to a user. This can be stored either in the 'externalId' field or as an extended property.
- When logging in, the user uses the YubiKey to fill in the "login" field and enters the "password" as usual. The usual login name is not used.
- The YubiKey login module check the BASE database for a user with the given YubiKey id. If a user is found, the key is sent to the "cloud" for verification. If no user is found the regular login/password authentication is used, but only users without any attached YubiKey id are allowed to use this.
Change History (10)
Note: See TracTickets for help on using tickets.