Nowadays, a simple password is not enough anymore! Multi-OTP is an OATH-certified PHP class, a Web interface, and a powerful command line tool that can be used to authenticate and manage OTP user tokens for strong two-factor authentication. It can create, update, and delete tokens to authenticate users with one time passwords (OTP). The users' data are stored in files. The class can also check the user token using several algorithms: Mobile OTP (MOTP), OATH/HOTP (RFC 4226), and OATH/TOTP HOTP Time Based (RFC 4226 extension). It works with compatible software tokens (iPhone, Android, PalmOS, Nokia, and other Java J2ME capable phones) and hardware tokens (such as Feitian, ZyXEL, Authenex, or Seamoon). The multiotp command line utility is also provided, both in "compiled" form (for Windows) and in source code (for Linux or educational purpose). The multiotp command line can be combined with FreeRADIUS (under Linux) or the free TekRADIUS LT (under Windows) in order to have a powerful radius strong authentication server.
oauth-php is a PHP library for OAuth consumers and servers. It has an extensible OAuth store, including a full working implementation of a MySQL store. The library implements methods to: verify incoming requests against the library; to sign outgoing requests, with curl support for actually doing the request; to sign requests with a body; to administrate consumer keys and tokens for multiple users (server and consumer side); and to log incoming and outgoing requests handled by the library (optionally in the database).
YAMIdentd aims at being a simple, small, and functional ident daemon that can both process local requests and forward requests triggered by masqueraded hosts (when it is running on a Linux gateway). It currently only runs on Linux (2.4 and 2.6, 2.2 untested). The daemon can forward to any ident daemon that accepts forwarded requests. The code aims at being stable, fast, and RFC 1413 compliant. It is meant to be run from inetd. It doesn't use any configuration file. It should do the right thing automagically.
Authenticator_ciacob is a PHP library to register and authenticate users. It can do open or closed registration, via a master password. User roles are supported. Live authentication can be done by changing session unique ID from one request to another. There is support for password recovery or resetting. It has a built-in hack prevention system that logs a user out when an obsolete session ID is used, or if the IP address changes from one request to another, or when a session lifetime times out. A user is automatically locked out on too many failed login attempts. Locks are IP-based and can be reset by the master. Authenticator_ciacob is easy to configure via external XML files. It is protected against SQL injections by a built-in database traffic encoding and decoding mechanism.
RCDevs OpenOTP Server provides two-factor authentication with one-time passwords (OTP). It supports OATH RFC-4226 HOTP (Event-based) and TOTP (Time-based), OCRA (Challenge-based), Mobile-OTP, YubiKey Software/Hardware Tokens, SMSOTP, MailOTP, and OTP lists. It provides a SOAP/XML, RADIUS, and OpenID APIs and integrates into your LDAP (OpenLDAP, Novell, ActiveDirectory). It works with Web applications, VPNs, Linux PAM, Microsoft, and more. It is composed of the RCDevs WebADM server application, the OpenOTP SOAP service, the OpenOTP Radius Bridge, the User Self-service Desk, and Token Self-enrollemnt end-user Web application. VMWare appliances and Web demos are available.
The HOTP Toolkit package contains tools that are useful when deploying the one-time password HOTP technology. It contains a shared library, a command-line tool to generate and validate one-time passwords, and a PAM module (pam_hotp) to make system login or SSH use HOTP one-time passwords for authentication.
Authen::Simple::WebForm is a Perl library for simple authentication against existing Web based forms using the Authen::Simple framework. This wraps up the LWP (libwww-perl) calls needed to attempt a login to a site that uses an HTML form for logins. It supports logins that require cookies, various form variables, special headers, multi-stage logins, and more.