One Button Signon allows users to sign into WordPress with the single touch of thier Yubikey. No username, no password – just their Yubikey. A user must be registered with the WordPress site with a userame and password – then they can enable One Button Signon to expedite the login process.
Requirements
WordPress
Obviously to install a WordPress plugin you will first need WordPress.
We recommend using the latest version available.
Yubikey ( Yubikey Neo Recommended )
Yubikey Neo
Yubikey Neo will work for devices that have a functional USB port and devices that support NFC (Near Field Communication) (RFID).With the Neo you will be able to use the Yubikey on supported Mobile devices. Something you cannot do with the Yubikey Standard.
Yubikey Standard
Yubikey Standard will work for devices that have a functional USB port (desktop, laptop, etc.).Yubikey Standard will not work on mobile devicesĀ that do not have a USB portĀ (smart phones, tablets, etc.). See Yubikey Neo.
You need to register with Yubico YubiCloud API Service in order to use this plugin! Registration is free and super easy.
You will need to create a FREEYubiCloud API account at Yubico.com. An email address and a Yubikey are all that are needed!
PHP Functions
Most commercial servers have both these functions enabled and available.
You must have the curl PHP Function available in order to use Intrant.
You will need the PHP hash_hmac function to verify YubiCloud response. Hash Mac is not required if communicating with YubiCloud via HTTPS, though, it is always recommended to verify the response.
Installation & Activation
WP Upload Installation
To install a WordPress Plugin with the WP Uploader:
Download your WordPress Plugin to your desktop.
Do NOT decompress the zip archive.
Read through the “readme” file thoroughly to ensure you follow the installation instructions.
Go to Plugins screen and click Add New. Click Upload Plugin (same location as Add New button).
Click Choose File and navigate to your desktop where you downloaded the plugin. Select it and upload.
Click Activate Plugin to activate it.
FTP Installation
To install a WordPress Plugin manually via FTP:
Download your WordPress Plugin to your desktop.
If downloaded as a zip archive, extract the Plugin folder to your desktop.
Read through the “readme” file thoroughly to ensure you follow the installation instructions.
With your FTP program, upload the Plugin folder to the wp-content/plugins folder in your WordPress directory online.
Go to Plugins screen and find the newly uploaded Plugin in the list.
Click Activate Plugin to activate it.
Admin Settings
Intrant Admin Settings Menu
To setup OBS Intrant
Login to your WordPress Site as Admin.
Hover over the Settings menu item and select OBS Intrant.
Intrant Admin Settings
Global Settings
After you register a YubiCloud API account at Yubico.com you will be issued an API ID and API Key. Those are the first to fields on this page.
Yubikey API ID – Received from YubiCloud Registration
Yubikey API Key – Received from YubiCloud Registration
Default Server – Select a server that is closest to you.
API Over HTTPS (SSL) – You should always communicate with YubiCloud over HTTPS (SSL) but if for some reason you cannot, you can disabled it here. If disabled, your server will communicate with the YubiCloud server over a standard HTTP (unsecure) connection.
Verify Yubikey Response – YubiCloud sends back a hash when it validates a Yubikey. We can use this hash to ensure that the response from YubiCloud has not been tampered with.
Requirements Test – This plugin uses a PHP function cURL to communicate with Yubico. This function must exist in order for the plugin to work. The PHP Hash HMAC function is required to verify the response from YubiCloud. If this function is not available, responses will not be verified.
Your User Settings
Your Profile Menu
To setup OBS Intrant on your profile
Login to your WordPress Site as your User.
Hover over the Users menu item and select Your Profile.
Intrant Your Profile Settings
Your Profile Settings
Setup OBS Intrant so that you can login with a single touch of the Yubikey.
Intrant One Button Login – Enable or Disable One Button Login.
Yubikey Server – If you are experiencing a slow response, you can change the YubiCloud server to a different one.
Key IDs – You can have up to 3 Yubikeys attached to your account. At the very least, one key is required in order to login with one touch. The other two keys are optional.
Administrate User Settings
intrant Admin Users Profile
To edit a users options
Admin can enable or disable Single Button Signon for individual users.
Login to your WordPress Site as Admin.
Edit the users info as you usually would.
Scroll to the bottom of the page.
Enable or Disable One Button Login.
Login
Intrant Login Screen
Intrant does NOT alter the Login Screen
The Login screen remains the same. Intrant simply intercepts the submited form.
Instead of the user enter their username and password, the user simply presses their Yubikey button in either the Username or Password field. Yubikey, by default, submits the form after it enters the OTP in the field.
F.A.Q.
Is it secure?
Yes; more so than a standard username and password.
The Yubikey generates a unique string that changes every time you press the button. Once you submit it for validation, that string can never be used again.
Can I still use my username and password?
Yes. If you do not have your Yubikey available, or are on a mobile device and don’t have a Yubikey Neo, you can login with your normal username and password.