Community Documentation

Authentication improvements

Last updated July 26, 2012. Created by ilo on October 7, 2009.
Edited by CPJS, Duo Security, rfay. Log in to edit this page.

This section is not intended to be a list of available authentication endpoints for Drupal, or a third-party integration module list. The modules included here improve the authentication mechanism. Drupal authentication is based on username and password credentials stored in the database. The user is validated against the site user list and authorized. The following modules include additional elements in the form submission or replace current fields with more secure elements. Some of the modules listed here duplicate the functionality of others.

  • Swekey hardware authentication: enables swekey hardware authentication in Drupal for users and administartors. The swekey is a low cost but highly secure USB authentication USB key.
  • Duo Two-factor Authentication: Duo is the simplest and safest way to secure any Internet login or transaction. Duo uses your users' existing mobile devices for strong, usable, and safe two-factor authentication.
  • Yubikey: YubiKey is a secure method for logging into many websites using a cryptographically secure usb token. It does not require special software, and since it does not generate the same OTP (One Time Password) more than once, nothing is shared among associated sites.
  • TUPAS Authentication: Finnish banks’ Tupas certification service allows businesses and organisations providing Internet services to authenticate their customers with Tupas certificates issued by the Tupas service. In the Tupas service a bank authenticates a customer by a strong authentication method. The Tupas certificates issued by the service can also be used for signing documents electronically if so agreed by the customer and the service provider. This module provides Drupal integration to Tupas certification service and it can be used for using digital signatures to grant additional permissions for users.
  • Certificate Login: Authenticate users using a certificate.
  • Openid Integration: log in securely through other providers' SSL authentication using an OpenID identifier. OpenID is in core in Drupal version 6.
  • OAuth: OAuth is a complete standard for external API authentication. You can integrate your Drupal site with external data from Google, Flickr, Twitter, Ma.gnolia, Yahoo and other Drupal sites that use the Web Services module. Also you can also let other sites use your site's data, by using Web Services module and OAuth as the authentication method for security.
  • Site Pass: Instead of having to remember passwords users simply request a Site Pass when they need one. (This is similar to the way that airlines allow you to do on-line check-in with just an Itinerary Number instead of a username/password pair.). Checks for invalid login attempts using the Site Pass key.
  • Secure Login: Secure Login module enables the user login and other forms to be submitted securely via HTTPS, thus preventing passwords and other private user data from being transmitted in clear text. For Drupal 7, Secure Login module also enforces secure authenticated session cookies, thus preventing session sidejacking.
Login or register to post comments

Looking for support? Visit the Drupal.org forums, or join #drupal-support in IRC.

About this page

Audience
Site administrators

Administration & Security Guide

Drupal’s online documentation is © 2000-2013 by the individual contributors and can be used in accordance with the Creative Commons License, Attribution-ShareAlike 2.0. PHP code is distributed under the GNU General Public License. Comments on documentation pages are used to improve content and then deleted.
nobody click here