The Joomla! Extensions Directory ™


Yubikey Authentication ComponentPlugin

Joomla! 1.5, 1.6 and 2.5 two-factor authentication (T-FA) plugin for use with the Yubico Yubikey one-time-password device. An accompanying component is included to manage Yubikey users.

With this authentication plugin you may selectively choose which Joomla users will require a Yubikey device to log into Joomla!.

Two-factor authentication is achieved by requiring a Yubikey-enabled user to first input their Joomla! password and then adding their Yubikey one-time-password to the end of that forming a single password consisting of the user's Joomla! password and their Yubikey one-time-password concatenated to the end of that. The username/password screens of Joomla! remain the same.

You can read more about the Yubikey one-time-password authentication device from the Yubico homepage at: http://www.yubico.com

Report Extension

 

 

2013-11-27
Reviews: 26
We're using this to implement 2 factor authentication on all our pre-3.2 Joomla! sites and it's so simple.

Just get the API key, set up the plugin, and add your users. Couldn't be easier, and very simple to explain to clients.
2011-12-19
Reviews: 3
Since I am the only one who logs into my site, it was simple to integrate this into the front end of the site.

The only improvement I can think of would be to allow a more advanced login - instead of having to enter my password into the front end - use the OTP as the authenticating factor.

Otherwise, a good increase in security as far as I am concerned.
2010-08-31
Reviews: 1
Followed all instructions and it works. Just the thing a geek may dream about.
2009-09-28
Reviews: 3
After installing the component and plugin on Joomla v1.5.14, everything installed well. Turned on the Plugin.

Got the API Key from the API generator.

Assigned Yubikey ID to a registered user.

The authentication key (dongle) works good on both Vista and XP platforms. Both platforms recognized and installed the necessary drivers automatically.

Entered username and password+yubikey trigger button on the dongle (do not click the login button on the login form afterwards) simply wait for it to login for you, otherwise you get an "Invalid Token". If you do click the login button and you get the error, simply click on th back button on the web browser.

Couldn't get it to work with Community Builder login form. So I simply activated both Joomla Login Form and CB Login. CB Login module I placed in Registered mode. So it wouldn't display in Public area. Also works with Creative Design popup login form as well.

So far so good. Tested it on four different web sites.
2009-03-27
Reviews: 1
Does everything its supposed to do!! Its impossible im the ony one using a yubikey to login!! took me 5 minutes to install Keep up the good work!!