Tag Archives: OTP

Two-factor authentication for ownCloud using one-time passwords (OTP) from Yubikey

Yubikey NEO

NFC-enabled Yubikey NEO (source: Wikipedia)

I’ve been the proud owner of a Yubikey NEO for a couple of months now. It’s a small USB device (smaller than most USB flash drives) that identifies itself as a USB keyboard. Upon pressing the integrated button, the Yubikey generates a one-time password (OTP) following the popular HOTP standard (RFC4226), and sends it to your computer. Because it acts like a USB keyboard, the password is typed in for you. Chances are that it will be hidden by stars/dots of a password field, and you’ll never even see the password! Many applications support one-time passwords, this tutorial describes a method of using the Yubikey with ownCloud – a popular web service that allows you manage your files, contacts, and calendar in your own cloud (read: webserver). A bit like DropBox or Google Drive, but without handing your data over to big multinationals.

Continue reading