RealMe is a software suite that uses an image-based public key infrastructure (PKI) that embeds cryptographic information in a digital image and then exchanges pieces of that image between a user and a Web application to accomplish a strong, bi-directional multi-factor authentication. This technology combines steganography with applied cryptography, and results in a secure yet low-cost solution for Web sites that exchange confidential information with their users.
PyWikid is an implementation of the WiKID one-time-password protocol in Python. It is compatible with the standard Java-based WiKID server, and should run on any platform that supports Python and OpenSSL (tested on Mac OS X, Ubuntu 8.10, and Slackware). It is currently under active development, as it requires a token previously created with the Java token. It is also currently command line only, though the functions are written such that a graphical interface can be wrapped around them easily.
BRAP is a Java remoting protocol that uses native Java object serialization encapsulated in HTTP. It aims to be an alternative to Spring HttpInvoker and Spring Security, especially when you don't need or want the dependencies of Spring in your client, such as when building a rich client application where size might be an issue. The authentication mechanism lets you use your own domain objects as credentials. BRAP gives you "pass by reference" even though the object arguments are serialized and passed to the remote service: changes that happen on the remote side can be applied to the client side automatically. BRAP focuses on being easy to use, small in size, yet powerful and extensible.
SMRadius is a high performance pre-forked RADIUS AAA server. It features a highly configurable backend engine supporting flexible data specifications. Its primary goal is to provide an extremely flexible authentication platform which may serve a large number of industries, including ISPs and WiSPs.
LinOTP is a solution for strong two-factor authentication with one time passwords. It features a modular architecture into which UserIdResolver, authentication, and OTP calculation modules can be plugged. It includes UserIdResolver modules for LDAP/AD, SQL, and flat file user databases, and authentication modules for PAM and RADIUS. New modules can be developed easily. Supported tokens are HMAC-OTP/HOTP (RFC 4226/ OATH compliant), Aladdin eToken PASS, eToken NG-OTP, Safeword Alpine, Yubikey, Google Authenticator, motp, SMS OTP/Mobile TAN, email token, and a Simple Pass token for users without token hardware. TOTP is supported, along with a new algorithm for daily passwords for applications not supporting RADIUS. OCRA tokens are supported to allow transaction signing in banking environments. CLI, Web, and GTK+ GUI clients are available for management. LinOTP features multi-client capability, redundancy, and a self-service portal. It has been used with PAM for local and SSH logins, Apache, VPN, and Windows Terminal Server, and is OATH certified.