Intrant Yubikey One Touch Login

Description

One Button Signon allows users to sign into WordPress with the single touch of thier Yubikey. No username, no password – just their Yubikey. A user must be registered with the WordPress site with a userame and password – then they can enable One Button Signon to expedite the login process.

Requirements

WordPress

Wordpress
Obviously to install a WordPress plugin you will first need WordPress.
We recommend using the latest version available.

Yubikey ( Yubikey Neo Recommended )

Yubikey Neo
Yubikey Neo
Yubikey Neo will work for devices that have a functional USB port and devices that support NFC (Near Field Communication) (RFID).With the Neo you will be able to use the Yubikey on supported Mobile devices. Something you cannot do with the Yubikey Standard.

Yubikey Standard
Yubikey Standard
Yubikey Standard will work for devices that have a functional USB port (desktop, laptop, etc.).Yubikey Standard will not work on mobile devicesĀ that do not have a USB portĀ (smart phones, tablets, etc.). See Yubikey Neo.

Free YubiCloud API Registration (Admin only) – FREE YubiCloud at Yubico.com

You need to register with Yubico YubiCloud API Service in order to use this plugin! Registration is free and super easy.
You will need to create a FREE YubiCloud API account at Yubico.com. An email address and a Yubikey are all that are needed!

PHP Functions

Most commercial servers have both these functions enabled and available.
You must have the curl PHP Function available in order to use Intrant.
You will need the PHP hash_hmac function to verify YubiCloud response. Hash Mac is not required if communicating with YubiCloud via HTTPS, though, it is always recommended to verify the response.

Installation & Activation

WP Upload Installation

To install a WordPress Plugin with the WP Uploader:

  1. Download your WordPress Plugin to your desktop.
  2. Do NOT decompress the zip archive.
  3. Read through the “readme” file thoroughly to ensure you follow the installation instructions.
  4. Go to Plugins screen and click Add New. Click Upload Plugin (same location as Add New button).
  5. Click Choose File and navigate to your desktop where you downloaded the plugin. Select it and upload.
  6. Click Activate Plugin to activate it.

 

FTP Installation

To install a WordPress Plugin manually via FTP:

  1. Download your WordPress Plugin to your desktop.
  2. If downloaded as a zip archive, extract the Plugin folder to your desktop.
  3. Read through the “readme” file thoroughly to ensure you follow the installation instructions.
  4. With your FTP program, upload the Plugin folder to the wp-content/plugins folder in your WordPress directory online.
  5. Go to Plugins screen and find the newly uploaded Plugin in the list.
  6. Click Activate Plugin to activate it.

 

Admin Settings

Intrant Admin Settings Menu
Intrant Admin Settings Menu

To setup OBS Intrant

  1. Login to your WordPress Site as Admin.
  2. Hover over the Settings menu item and select OBS Intrant.
Intrant Admin Settings
Intrant Admin Settings

Global Settings

After you register a YubiCloud API account at Yubico.com you will be issued an API ID and API Key. Those are the first to fields on this page.

  1. Yubikey API ID – Received from YubiCloud Registration
  2. Yubikey API Key – Received from YubiCloud Registration
  3. Default Server – Select a server that is closest to you.
  4. API Over HTTPS (SSL) – You should always communicate with YubiCloud over HTTPS (SSL) but if for some reason you cannot, you can disabled it here. If disabled, your server will communicate with the YubiCloud server over a standard HTTP (unsecure) connection.
  5. Verify Yubikey Response – YubiCloud sends back a hash when it validates a Yubikey. We can use this hash to ensure that the response from YubiCloud has not been tampered with.
  6. Requirements Test – This plugin uses a PHP function cURL to communicate with Yubico. This function must exist in order for the plugin to work. The PHP Hash HMAC function is required to verify the response from YubiCloud. If this function is not available, responses will not be verified.

Your User Settings

Your Profile Menu
Your Profile Menu

To setup OBS Intrant on your profile

  1. Login to your WordPress Site as your User.
  2. Hover over the Users menu item and select Your Profile.
Intrant Your Profile Settings
Intrant Your Profile Settings

Your Profile Settings

Setup OBS Intrant so that you can login with a single touch of the Yubikey.

  1. Intrant One Button Login – Enable or Disable One Button Login.
  2. Yubikey Server – If you are experiencing a slow response, you can change the YubiCloud server to a different one.
  3. Key IDs – You can have up to 3 Yubikeys attached to your account. At the very least, one key is required in order to login with one touch. The other two keys are optional.

Administrate User Settings

intrant Admin Users Profile
intrant Admin Users Profile

To edit a users options

Admin can enable or disable Single Button Signon for individual users.

  1. Login to your WordPress Site as Admin.
  2. Edit the users info as you usually would.
  3. Scroll to the bottom of the page.
  4. Enable or Disable One Button Login.

Login

Intrant Login Screen
Intrant Login Screen

Intrant does NOT alter the Login Screen

The Login screen remains the same. Intrant simply intercepts the submited form.

Instead of the user enter their username and password, the user simply presses their Yubikey button in either the Username or Password field. Yubikey, by default, submits the form after it enters the OTP in the field.

F.A.Q.

Is it secure?
Yes; more so than a standard username and password.

The Yubikey generates a unique string that changes every time you press the button. Once you submit it for validation, that string can never be used again.

Can I still use my username and password?
Yes. If you do not have your Yubikey available, or are on a mobile device and don’t have a Yubikey Neo, you can login with your normal username and password.