Despite suggesting many projects for Open Hack Day, and mulling over many more, I had a brainwave while driving down south last night. I was listening to pod casts thinking about logging in more securely on public computers, and then the ideal project sprung in to my head. Why don’t we create a hardware security key based around a simple micro controller that adds another variable authentication factor. This way even if a key logger gets your password they can not log in.<\/p>\n
We have technology like the PayPal security key<\/a>, and you can use this with Verisign Labs Personal Identity Portal<\/a> and OpenID to log in to your serice. There is also a decent open paper based solutions with Perfect Paper Passcards<\/a>.<\/p>\n I can see several potential deliverables in this project.<\/p>\n * The hardware<\/p>\n A device that gives the user a set of letters to type in to log in. The number needs to change (obviously) but this can be done using time, a sequence (by pressing a button), or some feedback from the computer. I am keen to look at visually transmitting data to this device from the PC screen using just light. The hardware will have a shared secret with the server.<\/p>\n * The mobile app<\/p>\n Same as the hardware, but implemented in code on a mobile phone.<\/p>\n * The client libraries<\/p>\n The code that indirectly interacts with the hardware.<\/p>\n * The example implementation<\/p>\n An OpenID server that uses the client libraries allowing users to log in to any service using the hardware.<\/p>\n So that is it. Do you want to help?<\/p>\n","protected":false},"excerpt":{"rendered":" Despite suggesting many projects for Open Hack Day, and mulling over many more, I had a brainwave while driving down south last night. I was listening to pod casts thinking about logging in more securely on public computers, and then the ideal project sprung in to my head. Why don’t we create a hardware security […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6],"tags":[],"class_list":["post-222","post","type-post","status-publish","format-standard","hentry","category-tech"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4t60H-3A","_links":{"self":[{"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/posts\/222","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/comments?post=222"}],"version-history":[{"count":0,"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/posts\/222\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/media?parent=222"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/categories?post=222"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.agm.me.uk\/blog\/wp-json\/wp\/v2\/tags?post=222"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}