Zarafa SummerCamp 2012 - Yubikey integration
1. two-factor authentication with yubikey
Helmuth Neuberger, hn@zarafaserver.de
2012 June 21
2. content
problem and solution
yubikey cloud
– lastpass
– zarafa
…
yubikey internal (4 zarafa)
yubikey technology
do's and don'ts
demo
costs
3. problem and solution
Too many passwords
→ easy passwords used many times
→ hacks like Sony, Nortel, LinkedIn …
New ways of authentication
Secure passwords ( thRpf-X%$§1o32 )
One time passwords
Secure password managers / repositories
→ new keys → yubikey !
4. yubikey cloud
small USB device
emulate USB keyboard
secure storage of 2 keys
→ one time passwords @ yubico cloud
→ one time passwords @ yourserver
→ up to 64 character static password
Why two-factor-auth. ?
→ normal password + onetimepassword
5. how-to use the key?
validation service
→ yubikey cloud
→ lastpass
→ Zarafa
Symantec VIP, Google Apps, OneLogin …....
6. lastpass
Secure cloud storage of ALL your passwords
→ only remember one “strong” password
→ make it more secure with yubikey
10. yubikey technology
NFR
RFID
nano
11. yubikey technology
NFR
RFID
nano
12. do's and don'ts
Always use “backup” keys !
Make pictures of all keys ( serial ) !
Use the YubiRevoke service !
Never leave yubikey in device !
Never use yubikey as a one-factor-auth.
Never store key info on filesystem !
→ use YubikeyHSM
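Added example, not part of the original slides: a server-side login check that applies the rules from slides 4 and 12 (normal password plus one-time password, backup keys, revocation, never the key alone). It assumes the default 44-character OTP layout with a 12-character key ID prefix; the account record, the local revoked set and `validate_otp` (a stand-in for the call to the validation service) are hypothetical names.

```python
import hashlib, hmac, os, re

MODHEX = "cbdefghijklnrtuv"                    # alphabet the key "types" as a USB keyboard
OTP_RE = re.compile(r"^[%s]{44}$" % MODHEX)    # assumed default layout: 12-char key ID + 32-char OTP part

def public_id(otp):
    """Return the 12-character key ID prefix, or None if the string is not a well-formed OTP."""
    otp = otp.strip().lower()
    return otp[:12] if OTP_RE.match(otp) else None

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password, keys):
    """Hypothetical account record: password hash plus enrolled key IDs (primary and backup)."""
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "keys": set(keys), "revoked": set()}

def login(user, password, otp, validate_otp):
    """Two-factor check: password AND a valid OTP from an enrolled, non-revoked key."""
    pw_ok = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    kid = public_id(otp)
    key_ok = kid is not None and kid in user["keys"] and kid not in user["revoked"]
    # Only OTPs from keys enrolled for this account are sent to the validation service.
    otp_ok = key_ok and validate_otp(otp)
    return pw_ok and otp_ok

def make_fake_validator():
    """Constructed stand-in for the validation service: accepts each OTP string once."""
    seen = set()
    def validate(otp):
        fresh = otp not in seen
        seen.add(otp)
        return fresh
    return validate

# Constructed sample values, not real key IDs or OTPs.
PRIMARY, BACKUP, STRANGER = "ccccccbdefgh", "ccccccbdefgi", "ccccccbdefgj"
TAIL_A, TAIL_B = MODHEX * 2, MODHEX[::-1] * 2

if __name__ == "__main__":
    user, check = make_user("s3cret-pass", [PRIMARY, BACKUP]), make_fake_validator()
    print(login(user, "s3cret-pass", PRIMARY + TAIL_A, check))   # both factors present
    print(login(user, "s3cret-pass", PRIMARY + TAIL_A, check))   # same OTP replayed
    user["revoked"].add(PRIMARY)                                 # primary key lost
    print(login(user, "s3cret-pass", PRIMARY + TAIL_B, check))   # revoked key
    print(login(user, "s3cret-pass", BACKUP + TAIL_B, check))    # backup key still works
```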