The WiKID Strong Authentication System is a highly scalable, secure, self-hosted two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing and chat services. It can be used to send any kind of messages, in addition to normal text messages, including multimedia messages like images, video, and audio stream. All messages in the SILC network are encrypted and authenticated, and messages can also be digitally signed. SILC protocol supports AES, SHA-1, SHA-2, PKCS#1, PKCS#3, X.509, OpenPGP, and is being developed in the IETF. The software is delivered as SILC Client for end users, SILC Server for system administrators, and SILC Toolkit for application developers.
Lynis is an security auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It performs an in-depth scan on the system to detect software and security issues. Besides information related to security, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, configuration management, software patch management, vulnerability detection, and malware scanning of Unix-based systems.
edtFTPj/PRO is a Java library that performs secure file transfers. It supports FTPS (FTP over SSL), both explicit and implicit modes, and SFTP (FTP via SSH). It also supports asynchronous transfers and FTP connection pools. All major FTP operations are supported, including both active and passive modes. It provides a progress monitor interface, allowing applications to receive progress updates for their file transfers. The library is built on the open source edtFTPj and shares its API. It is compatible with Android 1.5 and above.
RCDevs OpenOTP Server provides two-factor authentication with one-time passwords (OTP). It supports OATH RFC-4226 HOTP (Event-based) and TOTP (Time-based), OCRA (Challenge-based), Mobile-OTP, YubiKey Software/Hardware Tokens, SMSOTP, MailOTP, and OTP lists. It provides a SOAP/XML, RADIUS, and OpenID APIs and integrates into your LDAP (OpenLDAP, Novell, ActiveDirectory). It works with Web applications, VPNs, Linux PAM, Microsoft, and more. It is composed of the RCDevs WebADM server application, the OpenOTP SOAP service, the OpenOTP Radius Bridge, the User Self-service Desk, and Token Self-enrollemnt end-user Web application. VMWare appliances and Web demos are available.
Password Manager Daemon serves clients data via a Unix domain socket or over a remote TLS connection. The data is stored in an (optionally) encrypted XML file, and the client must provide the key to modify it. It has the option to use gpg-agent for key management (including smartcards). It is multi-threaded, allowing more than one client to be connected at the same time. Key retrieval may be done via a key file or a pinentry program. A key cache is used, so a client won't need to enter a passphrase each time one is required. It is very configurable. Libpwmd is also available as a separate project and is a library making it easy for applications to use Pwmd.
Keyring for PalmOS lets you securely store secret keys and confidential information on a PalmOS handheld computer. This information might include computer account passwords, credit card numbers, GnuPG or PGP passphrases, SKey one-time-pads, or phone banking keywords. Records are encrypted using the well-trusted DES3 algorithm on a master password. When you need to set a password, Keyring can generate a random password of specified length, optionally including letters, numbers, or symbols.
Tenable Nessus is a world-leader in active vulnerability scanners. It features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of your security posture. Nessus scanners may be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. It is free of charge for personal use in a non-enterprise environment.