Securing Web Applications - Two Factor Authentication

Describes the usage and implementation of a Google Authentication gateway for securing web applications using two factor authentication, replacing Authentication Manager and Apache modules.

In our ongoing multi-part series we review the many ways to secure web applications.

Apache has its limits security-wise, and the RSA web authenticator is only compatible with it.  If you want to use something other than RedHat EL (like Centos, Ubuntu, Scientific Linux, etc.) you get no support and no options.

Enter the Wildcard Factored [code, documentation] setup that replaces this antiquated technology with something dynamic, 90% less expensive, and more compatible with more two factor systems.

Part One: Securing Login

Looking to secure your in-house web application but don't want to pay for RSA tokens, and their web authenticator? Look no further.  Our own in-house staff have come up with Factored, which uses the Google Authenticator service.

Factored allows you to run a WSGI app, link to nginx, and have a level of security in front of your current system.  That is really only one way to use it.  It implements auth_tkt so you could use it to login to your own application, such as the best in class Plone Enterprise CMS.

Factored can be easily configured and adapted to use Auth tokens, software/hardware SMS etc... 

Looking for some integration into ANY application that you have?  Contact Us!