Geminus – A completely open source two factor solution

Two factor authentication (2FA) has become standard in securing your infrastructure against unwanted access. As the name implies, 2FA demands that users authenticate using two means, or factors.

The most widespread method of 2FA today is using an authenticator app, but it could just as well be a username/password combination followed by entering a code send via text message – or a user identifer, followed by a link sent in an email that the user must access to progress the authentication. By demanding a second factor in the authentication flow, an assailant will have a much harder time getting through security. Simply cracking or stealing a password will not be enough.

Geminus is an open source Time-based One Time Password (TOTP) solution developed by Semaphor. Originally, the solution was comissioned by the Danish goverment, who wanted a license-free alternative to “SMS passcode”, which was also independent of Global System for Mobile Communications (GSM). The solution continues to be used succesfully within the Danish government.

Owing to Semaphor’s deep belief in open source software, Geminus has been developed exclusively with open source components, such as FreeRadius, PostgreSQL and Django. It also follows the TOTP standard which is publicly described by RFC 6238. By basing Geminus upon open standards and open source components, we not only built the software on transparent, and therefore trustworthy, codebases and algorithms, but this also allows for the self-hosting of said components, eliminating the need for any third party cloud-based provider. Utilising open standards will also more often than not guarantee wider interoperability between other software solutions on the market. Futhermore, Geminus is independent of GSM as the shared secret used to generate the TOTP is stored on-device, by scanning a QR code, in a TOTP app of your own choice.

Geminus not only offers strong security to organisations of any size, but also allows the organisation to govern their own security, without relying on third party providers.

Visit Geminus productpage