M-Pin Strong Authentication System enables true two-factor authentication for Web sites and applications, based on the open source M-Pin Authentication Server and M-Pin Managed Service. The M-Pin Managed Service is a highly available, fault tolerant software as a service that issues cryptographic secrets to M-Pin Authentication Servers and Clients. The M-Pin Authentication Server uses just one leak-proof cryptographic key, and can't reveal any information about your users such as identity or login details, even if the key is compromised. The M-Pin Client is an HTML5 browser, so developers can easily integrate M-Pin into their Web sites and applications, enabling frictionless two-factor authentication and removing all username / password vulnerabilities.
BRAP is a Java remoting protocol that uses native Java object serialization encapsulated in HTTP. It aims to be an alternative to Spring HttpInvoker and Spring Security, especially when you don't need or want the dependencies of Spring in your client, such as when building a rich client application where size might be an issue. The authentication mechanism lets you use your own domain objects as credentials. BRAP gives you "pass by reference" even though the object arguments are serialized and passed to the remote service: changes that happen on the remote side can be applied to the client side automatically. BRAP focuses on being easy to use, small in size, yet powerful and extensible.