I've done stuff like this before for a CF app. We used a product from a company called Identikey here in Brisbane. You basically had a tiny little dongle that looked like a keyring sized calculator. You has a security app installed on the server and it had a challenge response behaviour. Your login page had 2 flashing boxes (done in a java app) you typed a password into your dongle to activate it, then held it up to the screen. The dongle read a 12 digit number from the flashing lights (or you could key it in manually, but the flashing lights and holding things up to the screen really impresses people). It then did some complicated DEC encryption thing based on the number from the login screen, an internal serial number in the token, and some function of the time, which resulted in a one time password being displayed on the token's screen, which you typed into the logon page. Your page then authenticated back to the security app to check whether that token is allowed access and if the token time is within an allowable range, then it lets you it.
It was bloody secure, incredibly impressive and wasn't amazingly expensive. I don't think the Brisbane company is still around, but they were only a distributor for a US company anyway. Try their website at : http://www.identikey.com/ it seems to redirect you to the original US supplier site (vasco) which has a distributor finder page. Hope this helps. Regards Darren Tracey Systems Analyst Web Applications, Web and Integration Services p: + 61 7 3232 4091 (x64091) f: + 61 7 3232 4744 e: [EMAIL PROTECTED] l: Lvl 9, 388 Queen St Brisbane QLD 4000 m: Suncorp IPC IT040, GPO Box 1453, Brisbane QLD 4000 > -----Original Message----- > From: Mike Lorimer [SMTP:[EMAIL PROTECTED] > Sent: Thursday, 8 July 2004 10:58 > To: CFAussie Mailing List > Subject: [cfaussie] Locking to a machine > > We have a CF 5 intranet application (shortly to be CFMX 6.1) for > managing highly sensitive information with multiple tiers of protection > e.g. multiple passwords, encryption of data, etc. However we would like > to restrict the users to specific workstations. Has anyone tried > authenticating against a USB or parallel dongle? Ideally the user > should be able to move from machine to machine taking the dongle with > them and the CF login routine would then check for the presence of the > dongle. > > Does anyone have any suggestions on alternate ways of locking the app > to specific workstations? > > Thanks > > Mike > > > Mike Lorimer > Teaching & Learning Collective Pty Ltd > PO Box 189 > DEE WHY NSW 2099 > Australia > > Ph: 61 2 9451 5228 > www.tlcollective.com.au > > > --- > You are currently subscribed to cfaussie as: [EMAIL PROTECTED] > To unsubscribe send a blank email to > [EMAIL PROTECTED] > Aussie Macromedia Developers: http://lists.daemon.com.au/ ----------------------------------------------------------------------------------- This e-mail is sent by Suncorp-Metway Limited ABN 66 010 831 722 or one of its related entities ("Suncorp"). Suncorp may be contacted at Level 18, 36 Wickham Terrace, Brisbane or on 1800 689 762 or at suncorp.com.au. The content of this e-mail is the view of the sender or stated author and does not necessarily reflect the view of Suncorp. The content, including attachments, is a confidential communication between Suncorp and the intended recipient. If you are not the intended recipient, any use, interference with, disclosure or copying of this e-mail, including attachments, is unauthorised and expressly prohibited. If you have received this e-mail in error please contact the sender immediately and delete the e-mail and any attachments from your system. If this e-mail constitutes a commercial message of a type that you no longer wish to receive please reply to this e-mail by typing Unsubscribe in the subject line. --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] Aussie Macromedia Developers: http://lists.daemon.com.au/
