RealMe is a software suite that uses an image-based public key infrastructure (PKI) that embeds cryptographic information in a digital image and then exchanges pieces of that image between a user and a Web application to accomplish a strong, bi-directional multi-factor authentication. This technology combines steganography with applied cryptography, and results in a secure yet low-cost solution for Web sites that exchange confidential information with their users.
PyWikid is an implementation of the WiKID one-time-password protocol in Python. It is compatible with the standard Java-based WiKID server, and should run on any platform that supports Python and OpenSSL (tested on Mac OS X, Ubuntu 8.10, and Slackware). It is currently under active development, as it requires a token previously created with the Java token. It is also currently command line only, though the functions are written such that a graphical interface can be wrapped around them easily.
auth2x is a Perl module for performing 2-factor authentication. auth2x has a user authenticate with a passphrase initially. If that authenticates, the module sends a 10 character hex code to a pre-configured (per authentication user-basis) email address. The user then authenticates a second time with their passphrase concatenated with the 10 character code.
Authenticator_ciacob is a PHP library to register and authenticate users. It can do open or closed registration, via a master password. User roles are supported. Live authentication can be done by changing session unique ID from one request to another. There is support for password recovery or resetting. It has a built-in hack prevention system that logs a user out when an obsolete session ID is used, or if the IP address changes from one request to another, or when a session lifetime times out. A user is automatically locked out on too many failed login attempts. Locks are IP-based and can be reset by the master. Authenticator_ciacob is easy to configure via external XML files. It is protected against SQL injections by a built-in database traffic encoding and decoding mechanism.
YAMIdentd aims at being a simple, small, and functional ident daemon that can both process local requests and forward requests triggered by masqueraded hosts (when it is running on a Linux gateway). It currently only runs on Linux (2.4 and 2.6, 2.2 untested). The daemon can forward to any ident daemon that accepts forwarded requests. The code aims at being stable, fast, and RFC 1413 compliant. It is meant to be run from inetd. It doesn't use any configuration file. It should do the right thing automagically.
oauth-php is a PHP library for OAuth consumers and servers. It has an extensible OAuth store, including a full working implementation of a MySQL store. The library implements methods to: verify incoming requests against the library; to sign outgoing requests, with curl support for actually doing the request; to sign requests with a body; to administrate consumer keys and tokens for multiple users (server and consumer side); and to log incoming and outgoing requests handled by the library (optionally in the database).