YubiKey 2 Factor Authentication

[Andy Millne]

File Name: YubiKey 2 Factor Authentication

File Submitter: AndyMillne

File Submitted: 17 Jun 2012

File Category: Security

Adds an additional physical layer of security to your community through the use of YubiKeys by Yubico even when using a non secure connection.

The YubiKey protects your online identity from malware and hackers at a security level that utilizes 128 bit strong key and the AES state-of-the-art encryption algorithm.

The keys themselves are manufactured in Sweden and California with best practice security processes. The manufacturing process involves high-pressure moulding into plastic, making it practically impossible to tamper with.

Key Features

• Supports both ACP and frontend logins for extra security. Frontend logins can be optionally disabled.
• Use the free Yubico validation service or your own self-hosted service.
• Allow end users to provision their own YubiKeys or restrict adding and removing to admin users.
• Users can report their key lost or damaged and reset it using email validation.
• Fully compatible with the mobile skin*
  

*Physical device restrictions may apply. For most mobile applications a USB to micro USB adapter will be required.

http://vimeo.com/44192652

Installation

To install the YubiKey addon, please do the following: The installation is now complete! Configuration Once installed you will need to set up the addon with your Yubico online validation service API ID and KEY. These can be obtained from the following link; To add your API key, edit the settings in the admin control panel at; ACP > System > System Settings > System > Security & Privacy From this same screen you can also define the login type you would like to use (ACP only or all areas of IPB) as well as whether user's can add and remove their own key or whether this must be done by an admin. Adding and Removing YubiKeys This addon supports two login type modes, admin only or admin and frontend. If the latter is enabled as well as the setting "allow user's to provision their own keys" then user's will be able to add and remove their YubiKey from the "YubiKey" tab in their user control panel. If "admin only" is enabled or the system is set up so user's cannot provision their own keys then this option will no longer be available and keys will need to be set up from ACP > Members > Manage Members > Edit > YubiKey Questions? If you have any further questions regarding the operation of this addon or would like to suggest additional features please post in the following support topic: Support is renewable for only $10 on a six-monthly basis. With active support you will have continued access to product upgrades and support. If you choose not to renew, the YubiKey addon will continue to function as normal and you can renew at any time without penalty to regain access to upgrades.

[*]Upload all the files contained in the "upload" folder of the distribution to the root of your IP.Board installation. [*]Go to your Admin CP, select the System tab, then choose Manage Hooks. [*]Click install hook and then navigate to the yubikey.xml file in the package you downloaded from the IPS Marketplace.







https://upgrade.yubico.com/getapikey/















http://community.inv...authentication/






[url= here to download this file

[valendono]

its too expensive for me and is it local plugin or remotely ?

if cheaper I gonna try it.

[jackflash]

I don't know what's involved in creating applications, but for $50.00, it's well worth it if it saves my community (and my ass).

[Nickolas]

I am interested in purchasing this add-on but just had a few questions before I proceed with my purchase.

1. Does the add-on work with the latest version of IPB?

2. Is the add-on encoded?

3. Is the add-on still actively being supported?

Thanks

[Andy Millne]

1) Yes the addon works on 3.3+ up to and including 3.4.5

2) No, the addon is viewable source

3) Yes, if you encounter any problems whatsoever, please do not hesitate to contact me.

[Nickolas]

1) Yes the addon works on 3.3+ up to and including 3.4.5

2) No, the addon is viewable source

3) Yes, if you encounter any problems whatsoever, please do not hesitate to contact me.

Thanks for your response. Just purchased :smile:

[Nickolas]

If I purchase your "Google 2 Factor Authentication 1.0.0" add-on, will it work along side of this one?

[Andy Millne]

Yes and no. Provided the user only sets up one method then it should still work. You would need to make sure that only one or the other was used for the ACP login as well. There's nothing to currently prevent the user trying to set up both however so I would not recommend this.

[Nickolas]

Yes and no. Provided the user only sets up one method then it should still work. You would need to make sure that only one or the other was used for the ACP login as well. There's nothing to currently prevent the user trying to set up both however so I would not recommend this.

So both add-on will work with each other as long as they aren't used at the same time? Do you have any future plans to prevent this?

Thanks

[Wolf]

@Andy Millne

Could you potentially make this for IPS4?

[Andy Millne]

Hi @Wolf

This is a very niche plugin but yes, if you were to supply a key for development and meet the other associated development costs then it could be developed for IPS4

[Parisian]

Since WebAuthn is a browser standard now IPS4 should support this natively as a 2FA option.