I just found the clef app and I think it is awesome. I always have my phone and with this I would never have to type a password after setup, no keylogging. I originally started this post as a meta to see if we could get it added, but realized it could soon be replaced with a SAFE login. But now I’m wondering, could something like this be implemented to actually login to SAFE?
There is a cost per month for clef, so scratch having it on here. Not really worth it.
EDIT: I stand corrected. They have a bitpay type model. Its free if you do it yourself, but you can pay for features.
I am curious about their licensing. Odd that that is so hard to find.
Login is a pretty hard problem to solve… Phones are easy, but they require you to have a smart phone and that isn’t “Everybody” Keyloggers are the biggest risk to a SAFEnetwork user… It would be good to find a way to make those less useful.
It’s convenient, but you have to be registered with Clef and you’re not supposed to use other passwords to auth against your app except Clef.
I’d rather take my chances.
It’s not hard at all, it’s SaaS, Rublon Multi-Factor Authentication (MFA) - Secure Remote Access.
The front page says:
Use Clef for free forever
Clef is free for unlimited users and logins. For extra features like advanced fraud metrics you’ll still pay less than any other two-factor authentication.
So if you a bank or other site that needs fraud detection etc they are going to charge you to the moon, but if you want it on your wordpress site, it’s free…
I assume it is free as in beer. But it never says… (That I found)
It also uses RSA encryption.
AKA “NSA owns the secret key” encryption.
There have been suggestions for other Smartphone based authentication…(Secure Quick Reliable Login or SQRL)
I checked out Clef a while back, when I read about it on Techcrunch. I don’t know if I can trust it, because it use OAuth. OAuth on it’s turn had vunerabilities and I can’t really say if they are fixed by now. Sure Clef looks all bling bling, but I trust SQRL more, because it’s opensource and create by some one who has been talking about security for more than a decade.
It’s free if you use a Clef (as in, Hotmail) account to sign in to any site out there.
If’s not free if you (e.g. MaidSafe) want to build a piece of s/w that connects your MaidSafe account with a Clef-provided MaidSafe Clef instance in the cloud.
In the 2nd case you could not use this account to login to Wordpress, but MaidSafe could build a MaidSafe WP plugin that would use MaidSafe-licensed SaaS to auth MaidSafe users against (say) a WP gateway and let them access their MaidSafe data through that WP instance.
I don’t know where you are getting your information. Looking at the Clef website they have substantial documentation on how to integrate it into whatever software you would like to integrate it into… It says right on the front page that it is free to use…
Doesn’t really matter either way - it isn’t a good fit for SAFE…