As you will have gathered by my blog posts here, here and here I take the security of my joomla sites very seriously it even prompted another blogger "realise I needed to get smarter about passwords".

Even if you follow all the advice in those posts and the excellent advice in the Joomla Administrators Security Checklist you can never be too careful.

So it is no surprise that when a new security extension popped up in JED it picqued my interest.

The swekey is a USB dongle that acts as the master authentication key for any site you wish to use it on. If you think of your website like a car, a thief can smash the windows but unlike a car without the swekey they cant hotwire it and drive it off.

And its not just a one site solution. You can use the same key on as many sites as you want and not just joomla sites. Support is already provided for phpBB, WordPress, Drupal, MediaWiki, MantisBT, OpenID, PrestaShop, Putty, RoundCube Webmail, SquirrelMail, SSH, ZABBIX and phpMyAdmin.

How does Swekey authentication work?

Swekey authentication is based on a very simple and efficient client/server architecture. The client is the Swekey device itself. Each Swekey contains a unique id (the Swekey Id) and is able to generate a One Time Password (OTP) from a given Random Token (RT).

The Authentication Server (AS) is hosted and managed by Musbe, it generates the Random Tokens and verify the authenticity of the Swekey generated One Time Passwords.

More technical information, including details on how to built your own swekey authentication plugins can be found at the developer site.

Beta testing and evaluation report

I have been fortunate to have been beta testing this key since almost the beginning of this site and I'm impressed. (It can take alot to impress me as many extension developers will testify to). There were a few minor "issues" with the joomla implementation of the plugin but that's not surprising as the swekey developers had only had a few days to look at joomla before they sent me the evaluation key.

Each of those "issues" was addressed extremely promptly and suggestions for improvements were taken on board.

I'm definitely happy to put my stamp of approval on the swekey. It's easy to install, easy to use and most of all it is secure.

It seams that no Joomla related blog is complete without an obligatory comparison between Joomla and Drupal.

As I've never used Drupal, and have no intention of learning it, I'm not really in a position to do a comparison.

And even if I did I am sure it would be unfairly biased as my years of experience with Joomla is bound to influence my conclusions and decisions.

So rather than attempt to produce an unbalanced report here is an excellent one from 3 students.

Abstract

"A comparative study of content management systems was made between Joomla and Drupal. The goal of this comparative study is to find the better CMS of the two according to various selected criteria. The criteria includes installation, platform support, browser support, modules and extensions, documentation, support, user management, multimedia integration, content creation and searching. While testing, Joomla out performs Drupal when comparing user interface, offering a more simple interaction between the user and the software, and offering a larger database of modules; however, Drupal out performs Joomla when comparing documentation and user management. Each of these CMS offers great management tools; however, still lack development in certain criteria."

You can read the full report by Chinh Le, Adam Hawkins and Esteban Mora either as a pdf or a doc.