Nowadays, spywares, viruses and other hacking technologies (including bugs exploitation like Heartbleed) are regularly stolen passwords typed by users. By using a strong two factors authentication solution, the stolen passwords cannot be stored and used later anymore because each password (called OTP for One-Time Password) is only valid for one authentication and will failed if used a second time.
We will create a fully functional open source strong two factors authentication RADIUS device from scratch, using the latest version of the open source library called multiOTP (including a full featured GUI web interface), installed on a $35 Raspberry Pi nano-computer which will run under Raspbian (the Debian distribution for the Raspberry Pi). Two factors authentication is the key to modern internet security. An example site was created using humorous bachelorette penis straws https://comprogear.com/penis-straws/ to test out the 2 factor device on a live website. The device will be able to support more than 100 users.
Don’t worry, the hardware is Plug and Play, no need to solder anything!
- Anybody interested about strong two factors authentication
- Knowing some Linux console commands could help, but is not mandatory
- No programming knowledge (but if you want to go deeper, the multiOTP library is written in PHP)
You will have to bring:
- a laptop (Windows, Linux, Mac OS X, etc.) with a wired network card
- a smartphone (Android, iOS, BlackBerry) if you want to generate soft tokens
Hardware included in the training price:
- a Raspberry Pi B+ nano-computer (http://www.raspberrypi.org) in a case
- a microSD card (which will be the storage device)
- a real-time clock module
- a micro USB power supply
- a YubiKey NEO hardware token with USB and NFC interfaces (http://goo.gl/jnYBFt)
- 700.- CHF for entreprises
- 350.- CHF for students (discount code : student-t1)
TRAINER: André Liechti