Posted by:
admin
15 years, 2 months ago
WiKID is pleased to announce that we've released an open source version of WiKID. We've been working on this for the last few months. We needed to replace the Ntru encryption packages we use with open source 1024-bit RSA encryption and we needed remove the proprietary Radius server we had embedded into the WiKID server. Here is what we have released:
> The WiKID Strong Authentication OSS server
> A J2SE WiKID token client
> Initial validation scripts (ASP) for automating new user additions
> The windows dll network client component
> The java network client component
> Example jsp script for use writing your own WiKID protected jsp pages
> TACACS+ and Openldap network clients - with more on the way
The WiKID Strong Authentication Systems is a robust, flexible, scalable and secure two-factor authentication platform. Features include:
> Easy to use web-based management
> Replication for fault-tolerance
> Highly scalable architecture
> Each server supports multiple security domains pointed at difference network resources
> Each client supports of multiple domains - across multiple servers
> Each user can have multiple clients in different locations
> Configure passcode lifetime, PIN length, max bad PIN attempts and max bad passcode attempts by domain
> Automated user validation based on existing trusted credentials
> No hardware token required; can be run from a USB token
> Easier to use and more extensible than, yet as secure as a key fob token
> More secure and easier to implement than client certificates
> Extensible across multiple enterprises
> Perfect for web-based applications, remote access and non-employee strong authentication
> Open source, with commercial support available.
Why did we open source WiKID?
1. Passwords stink
We believe that passwords are past their prime. In order to make a dent in the password problem, we felt we needed to have an open source version that people could implement for free. Hopefully, this will make it economically worthwhile to use WiKID for some services where any cost would be prohibitive. Since a single WiKID client can support multiple relations with mutliple servers and since WiKID is simpler and more secure than passwords, we hope people will take advantage of it.
2. Open source is good
We like open source. We are especially interested in getting some good user feedback and suggestions for improving the system. We think this move will help various open source projects have been compromised by trusted path attacks (as discussed here). We hope that our code will get a lot of in-depth review and that will add its security.
3. It is a good business move
We think there will still be an excellent market for support and automated updates as well as for our commericial wireless clients for J2ME, Blackberry, Palm and PocketPC which use the incredibly fast Ntru encryption. Additionally, there is a potential for partnerships with companies that want to emded the WiKID server, network clients or token clients into their applications.
We have set up www.wikidsystems.net as our open source home page and a sourceforge project page as well. If you manage multiple servers in multiple locations and use the same passwords for all of them, you should really check out WiKID. Enjoy! Share on Twitter Share on Facebook
Recent Posts
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
- WiKID Android tokens had their data deleted over the weekend by Google Chrome bug
Archive
2024
- January (1)
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)