This is a wordpress plugin to autheticate aganst SecurePass service.
Initially written by Giuseppe Paterno' (gpaterno@gpaterno.com) on 2012.

Read the comments in the securepass.php and set the variables accordingly,
with specific regards to the $radius_secret that must match the one defined
on SecurePass.

This software is released under GPLv2.
Please note that this software comes with NO WARRANTIES!!!!!
Although is known to work, use it at YOUR OWN RISK.

Neither the author(s), SecurePass or GARL Sagl is responsible for this software.

This plug-in contains "Pure PHP radius class", a PHP class to connect to
RADIUS. This sofware is Copyright (c) 2008, SysCo systemes de communication sa


== Preface ==
A lot of web sites, even well known ones (newspapers, telcos, ...) adopts 
WordPress as their CMS. WordPress is a great platform, however it
can happen that password leaking or guessing might lead to unauthorized
access to the platform. A potential attacker can be therefore able to 
change articles, part of the web site and/or make the website unavailable,
with image and economic damages for a company or for a blogger.
This is even more true if your website is not SSL protected.

SecurePass is a SaaS service offering an easy and affordable solution
for One Time Passwords (OTP) and strong authentication in general. They 
offer 5 users for free included with their standard (=basic) account, which
is more than enough for standard blogs and web sites. Companies can purchase
additional users, if needed.

== Setup and configure SecurePass ==
If you don’t own already an account with SecurePass, you can sign-up for a new account here: http://www.secure-pass.net/open

Note: Use "misec2011" as promo code, it will give you an entitlement for using 
SecurePass up to 10 users for 2 years free-of-charge. Without any promo code,
you will have 5 users for 20 years for free. It depends on what you need (more users or more years).

Connect to the admin interface on https://admin.secure-pass.net 
and create a new device (basically a RADIUS client). 

In the admin interface, go to the "Device" section and add a new device. 
You will need to set the public IP Address of the server, a fully qualified 
domain name (FQDN), and the secret password for the radius authentication. 
It's ok if your web server is behind a firewall and/or NAT, ensure that
your server has rights to send (and receive) RADIUS authentication requests,
i.e. UDP port 1812.

== Setup and configure the WordPress Plugin ==
Simply copy this software's directory in the following WordPress location:
wp-content/plugins/

Edit the securepass.php file and change $radius_secret variable to reflect
the secret password as specified in the "Device" specified in the SecurePass
administration panel. The variable $radius_host contains the primary
RADIUS server of SecurePass, located in Switzerland (Lugano). 
A secondary RADIUS is available in Italy (Milan), if you prefer this
location change $radius_host to 'radius2.secure-pass.net'.

WARNING!!! Before going to the next step, create an user in wordpress that
matches a username in SecurePass and grant full administrative powers.
This because the admin user will be no longer checked locally. In case you 
won't be able to login anymore, a workaround is moving the securepass plugin 
directory to another directory name, ex: "mv securepass securepass.old".

Go to your WordPress configuration panel, select Plugins and activate the
"SecurePass authentication" plugin.

== Further reading ==

* This plugin web site: 
  https://github.com/gpaterno/wp-securepass/

* SecurePass web site: 
  http://www.secure-pass.net/

* UK on-line shop for SecurePass (they sell hardware tokens):
  http://shop.nervinesecurity.com/
