Chocolate In My Peanut Butter: Open Source Single Sign On Meets Open Source Two-Factor Authentication

WiKID Systems partners with Atricore to bring secure open identity management to everyone

Back in November I wrote about WiKID Systems and how they were bringing open source two-factor authentication to the market since 2001. I used the WiKID story to explain what two-factor authentication works and why it is a far superior method for security access then passwords alone. Now WiKID is teaming up with Atricore, the open source identity management company, to combine open source single sign on with open source two factor authentication.

Atricore are the developers of the JOSSO (Java Single Sign On) project which with support for SAML and other standards has become a widely used technology in the identity management space.

SAML works with Federated Identity to allow disparate business applications both within and across corporate boundaries to work seamlessly.

Atricore offers several versions of JOSSO. A free and open community version and several commercial versions. The integration with WiKID’s two factor authentication works only with the JOSSO commercial versions. You can use either WiKID’s community or commercial version with the JOSSO.

In speaking with Nick Owen, CEO of WiKID he thinks the important thing to remember is that “in a firm with 250 users, the combined SSO/two-factor authentication solution would cost approximately $7,500 per year, a price a fraction of the cost of either solution alone from the market leading providers.” The open source solutions really make this affordable. Before this, only large banks and other enterprises could afford this. 

Both WiKID and Atricore offer free community versions and commercial versions of their products. Both of the community versions are fully featured and not crippleware by any means. 

Some of you reading this may not be familiar with single sign on and two-factor authentication. But combined they are a powerful tool to allow access to resources either in the cloud or on premises. With single sing on capability you can sign on one site and have that allow you to access other sites that participate in that sign on. Sort of like when you use your Facebook credentials to sign on to other sites.  

Single sign on is really convenient but fraught with security problems. Combining it with two-factor authentication is a big improvement. Owens says “We've always believed that SSO needed two-factor authentication to minimize the 'keys to the kingdom' risk”. 

It is good to see two open source companies working together to bring great solutions to market at price points unheard of before!

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2011 IDG Communications, Inc.

IT Salary Survey 2021: The results are in