只有当有人拥有加密狗时，才能使网站可访问吗? [英] How can one make a web-site accessible only when someone has a dongle?

问题描述

假设您想在SSL加密的登录名/密码之上添加额外的凭据层，但是您不想增加用户的复杂性.有没有办法将具有加密狗的要求添加到具有现有跨平台浏览器功能的Web服务器身份验证方案中?

Suppose you want to add an extra layer of credentials on top of a SSL-encrypted login/password, but you don't want to increase complexity to the user. Is there a way to add the requirement of the possession of a dongle to web-server authentication schemes with existing cross-platform browser capabilities?

换句话说，要访问该网站，您将需要用户名，密码和已插入客户端计算机的USB加密狗.加密狗可能会执行某种挑战/响应.

In other words, to get access to the web-site, you would need a username, password, and a USB dongle that has been plugged into the client computer. The dongle would presumably do some sort of challenge/response.

如果此加密狗解决方案可以自动与Firefox配合使用或只需添加一个插件，便是理想选择.

It'd be ideal if this dongle solution worked with Firefox automatically or with the simple addition of a plugin.

提出了宝贵的想法和建议.

Thoughts and suggestions are appreciated.

推荐答案

您可能对 Yubikey感兴趣.

这是一个小型USB加密狗，可以充当USB键盘(即不需要特殊的驱动程序或客户端软件)，并且专门用于这种身份验证.

It's a small usb dongle that acts as a usb keyboard (i.e. needs no special drivers or client software) and is designed exactly for this sort of authentication.

这篇关于只有当有人拥有加密狗时，才能使网站可访问吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！