I told you about the Paypal Security Key a couple of days ago, and since then, I discovered something very, very cool. It’s possible (and actually pretty easy) to use it your security key to give you multi-factor authentication with OpenID. Here’s how.
Verisign, the company behind the technology in the Paypal security key, is also an OpenID provider. They call their service the Personal Identity Provider, or PIP. Once you create an account there, login and go to the My Account link. On the next page, you’ll find a section of the page called Strong Authentication – click on the Add Credential button. Look on the back of your security to find your credential ID, and enter it on the page. Then, click the button on your key to generate a one-time password and enter it in the Security Code text box. Finally, click the Add Credential button before your security code expires. That’s it – Your security key is now associated with your OpenID.
Now, anytime you use your OpenID and are asked to authenticate, you’ll also need to enter a security code from your key in addition to your username and password. That means an extra layer of security when using any OpenID enabled site.