I'm new to this list so let me introduce myself.

I'm working for a company that designed a secure a low cost USB authentication dongle.
This dongle can be authenticated by any web site using only a few lines of PHP and Java Script.

I'm also using PMA  for a while, and knowing how critical the security is for PMA users I tryed to integrate our solution to add hardware authentication support to PMA.

So I downloaded the latest stable release  and I added some lines of code in libraries/auth/cookie.auth.lib.php and it worked...

Now if I add the Ids of the authorized  USB authentication dongle in a configuration file  I can access the login page  only  if  the dongle is plugged  on my PC. And as soon as I unplugged it I'm automatically logouted. Nobody can administrate my mysql server without my USB dongle.

So my questions are:

1) Is the integration of a commercial (hardware) product compatible with the PMA's project policy ?

2) Are you interested by hardware authentication for PMA.

3) What is the process to commit changes in the trunk ? Who will review the code ?

Thanks  for you reply,


It took me a couple  of day enter your code

The product is almost ready for market and his targeted