Menu
Suppose you want to add an extra layer of credentials on top of a SSL-encrypted login/password, but you don't want to increase complexity to the user. Is there a way to add the requirement of the possession of a dongle to web-server authentication schemes with existing cross-platform browser capabilities?
In other words, to get access to the web-site, you would need a username, password, and a USB dongle that has been plugged into the client computer. The dongle would presumably do some sort of challenge/response.
It'd be ideal if this dongle solution worked with Firefox automatically or with the simple addition of a plugin.
Thoughts and suggestions are appreciated.
724
Dongle protection works by using electronic copy protection and is programmed with a hardware key or other encryption that can unlock content or software usage. Dongle protection has historically protected desktop-based applications but can also be utilized for web-based systems as well.
Check the radio button next to your dongle's name and click “Share”. Once the link is up, you'll see your USB security key in the client machine's system, just as if it was physically plugged into it. And that's all you need to do to share a USB dongle over the network. That's it!
How to make virtual USB dongle. To get started, create the Donglify account. Then download and install the application on the computer with the dongle physically attached to it (so-called server) and on the client machines that require remote access to that shared dongle.
You may be interested in the Yubikey.
It's a small usb dongle that acts as a usb keyboard (i.e. needs no special drivers or client software) and is designed exactly for this sort of authentication.
151
You could use RSA SecurID tokens, which are little keychain displays that change the number displayed every one minute. In addition to requiring the username and password, you can also require them to enter the number they see on their token to verify they have the hardware device with them. There are various hardware dongles, with some even requiring a PIN to be entered to see the changing number. The is extra complexity on the server side, but the client doesn't have too much trouble.
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
