Swekey - the key to securing joomla

Tue 02 Dec 08 23:16 Attention: open in a new window. PDF | Print | E-mail Joomla GPS Brian Teeman
View Comments

swekey - the key to secure joomlaAs you will have gathered by my blog posts here, here and here I take the security of my joomla sites very seriously it even prompted another blogger "realise I needed to get smarter about passwordsrealise I needed to get smarter about passwords".

Even if you follow all the advice in those posts and the excellent advice in the Joomla Administrators Security ChecklistJoomla Administrators Security Checklist you can never be too careful.

So it is no surprise that when a new security extension popped up in JED JED it picqued my interest.

The swekey swekey is a USB dongle that acts as the master authentication key for any site you wish to use it on. If you think of your website like a car, a thief can smash the windows but unlike a car without the swekey they cant hotwire it and drive it off.

And its not just a one site solution. You can use the same key on as many sites as you want and not just joomla sites. Support is already provided for phpBB, WordPress, Drupal, MediaWiki, MantisBT, OpenID, PrestaShop, Putty, RoundCube Webmail, SquirrelMail, SSH, ZABBIX and phpMyAdmin.

How does Swekey authentication work?

Swekey authentication is based on a very simple and efficient client/server architecture. The client is the Swekey device itself. Each Swekey contains a unique id (the Swekey Id) and is able to generate a One Time Password (OTP) from a given Random Token (RT).

The Authentication Server (AS) is hosted and managed by Musbe, it generates the Random Tokens and verify the authenticity of the Swekey generated One Time Passwords.

More technical information, including details on how to built your own swekey authentication plugins can be found at the developer sitedeveloper site.

Beta testing and evaluation report

I have been fortunate to have been beta testing this key since almost the beginning of this site and I'm impressed. (It can take alot to impress me as many extension developers will testify to). There were a few minor "issues" with the joomla implementation of the plugin but that's not surprising as the swekey developers had only had a few days to look at joomla before they sent me the evaluation key.

Each of those "issues" was addressed extremely promptly and suggestions for improvements were taken on board.

I'm definitely happy to put my stamp of approval on the swekey. It's easy to install, easy to use and most of all it is secure.

 

blog comments powered by Disqusblog comments powered by Disqus
back to top
< Prev   Next >