Emmanuel_N's sandbox: InWebo Strong Authentication

Presentation

In-Webo Technologies provides a Strong Authentication as a Service solution that makes authentication process altogether secure, simple and affordable to any website.

If you publish a website where "member access" or "user accounts" are protected by a password, our solution enables:

• To replace password authentication by a multi-factor authentication making connection to any website super easy and yet, more secure
• To prevent users from remembering additional login and passwords or having to use password recovery methods as a standard way to access to your service
• To integrate a user-centric, multi-browser, mobility-ready and free access control service

Implementing our solution articulates as follow:

• You create an account for your organization at In-Webo
• You install the plugin in your CMS
• Your users install our application to connect to the site

1 - Creating your InWebo account:

Signup here: https://www.myinwebo.com/signup/3

Follow the steps. At the end of the process you should be connected to our administration console and ready to administrate your InWebo strong authentication service.

This console is where you will manage your users and add your website properties.

• To configure your website properties click on "manage service parameters" and then on the "connector setup wizard" button. Follow the steps.
• To add users, simply click on "manage service users" and then on "add a new user". Adding users can also be done using our InWebo provisioning API.

2 - Installing the CMS plugin

See the plugin documentation below.

Installing the plugin requires generating a certificate to authenticate the connection between your site and InWebo servers during Web Services API calls. To generate the certificate, go to "manage service parameters", and click on the "Download a certificate for API access" button. Choose PEM format for the certificate. Carefully note the passphrase used to generate the file.

3 - Having users activate InWebo desktop application

To connect to the site, your users will install our desktop application that proposes a set of browser extensions to allow them to connect to your site with their prefered browser.

The application is activated by sending an activation code to users created and obtained when adding new users. Tick the "Send an activation email" option in the user creation form to have the code sent per email.

Once activated, the browser extension shows the bookmark of your site. Users just have to select it and the application fills in the authentication form. The posted data - the user login and a One-Time-Password - will then be tested against our strong authentication servers, giving access to your site to the user if correct.