Six months ago, we discussed the decade-long journey since World Password Day and the ongoing efforts to eliminate passwords. Back then, Aloaha Software offered products like Aloaha Smartlogin, which enabled users to use hardware tokens (typically Smartcards) to log into their Windows machines. Over time, Aloaha Smartlogin evolved into CodeB’s Credential Provider, supporting a wide array of hardware tokens such as Mifare, Desfire, X.509 Smartcards, USB Sticks, and Softtokens like Authenticator Apps.
While CodeB’s Credential Provider is compatible with most Authenticator Apps, it's important to remember that many of these apps do not fully utilize their potential, limiting the use of diverse and robust hashing algorithms or restricting the TOTP Token to 6 digits. We highly recommend using our CodeB Authenticator app, which supports various robust algorithms, adjustable TOTP Token lengths, and most importantly, OpenID Connect for a truly passwordless login experience.
We've prepared several live demos for anyone interested in trying out our system. First, install the CodeB Authenticator App on your Android Phone by scanning the QR Code below from your mobile to install the app from the Google app store.
Once installed, configure your phone number, display name, email address, and security PIN. This security PIN not only encrypts your authenticator traffic but also protects you from unwanted "MFA Fatigue Attacks".
After setting up the CodeB Authenticator on your mobile, you can try the following:
Nextcloud
Visit https://www.aloaha.com:8443 and click on "Log in with CodeB Mobile". Our Identity Broker will ask for your mobile number and the previously configured security PIN. Once approved, you'll have a new Nextcloud account on our demo server without ever having to use a password.
Wordpress
We allow any user to log in as a guest to our old blog https://blog.codeb.io. Click on https://blog.codeb.io/wp-admin/ and then press the button "Login with OpenID Connect". You'll see the same Identity Broker screen as with Nextcloud. Once your details match, you'll be logged into Wordpress without ever having to use a password.
Auth0
We created a demo to demonstrate passwordless user creation and logins with Auth0’s Social and Enterprise Logon Features. The URL of the demo is:
WIX
Lastly, we've integrated the modified versions of the scripts into our Wix-based website. Visit https://www.codeb.io/oidc to log in with your CodeB Authenticator to our Website.
If you'd like to see another demo, let us know, and we'll prepare one for you.
Very cool. Tried it out and works like a charm! Thank you for that.