Suppose you want to add an extra layer of credentials on top of a SSL-encrypted login/password, but you don't want to increase complexity to the user. Is there a way to add the requirement of the possession of a dongle to web-server authentication schemes with existing cross-platform browser capabilities?
In other words, to get access to the web-site, you would need a username, password, and a USB dongle that has been plugged into the client computer. The dongle would presumably do some sort of challenge/response.
It'd be ideal if this dongle solution worked with Firefox automatically or with the simple addition of a plugin.
Thoughts and suggestions are appreciated.
You may be interested in the Yubikey.
It's a small usb dongle that acts as a usb keyboard (i.e. needs no special drivers or client software) and is designed exactly for this sort of authentication.