This is a plugin for WordPress that provides multifactor authentication with one-time passwords using the Yubikey USB token. The plugin uses the Yubico Web service API in the authentication process.
The one-time password requirement can be enabled on a per user basis.
Your PHP installation must have the Hash and Curl libs enabled, otherwise this plugin won’t work.
- Buy a Yubikey.
- Create a Yubico ID & API Key.
- Download, install and activate my Yubikey plugin for WordPress. (goes into wp-content/plugins).
- Enter Key ID on the Users -> Profile and Personal options page.
- Enter Yubico ID & API key on the Settings -> Yubikey options page.
Id/key confused ? Well the Key ID is the first 12 chars from the output Your Yubikey generates, they don’t change, the Yubico ID and API Key is used when communicating with the Yubico authentication server.
- That’s it, enjoy the looks of Your new loginbox, and try logging in.
- 2011-04-14: Styling added to descriptions, thanks to Uwe Moosheimer
- 2011-04-11: German translation by Uwe Moosheimer added
- 2011-04-10: Multiple Yubikeys per account now possible, TAB index on registration page fixed.
- 2009-08-19: Russian translation contributed by M. Comfi
- 2009-02-09: Plugin has been moved to the official plugin directory
- 2008-12-13: Minor CSS change, making things look nicer with WordPress 2.7
- 2008-07-20: API ID & Key moved to a separate optionspage, thanks to Phil Massyn for idea and code.
- 2008-07-02: Plugin will now fail gracefully if Curl or Hash extensions are missing.
- 2008-06-25: Initial version