Methods of two factor authentication
The simple Log-in with password and user name as security strategy for the protection of data against unauthorized access is out-of-date. To protect remote accesses to the infrastructure a two factor authentication is the choice to take. There are two different options:
For the token based option the user needs a physical device (token) to provide an additional password (e.g. combination of numbers). Everyone, who wants to gain access to the infrastructure of the company with his own mobile device or company computer needs that token, which generates a new, that is dynamic password.
The advantage: the possibility to spy out and misuse the access data is very low.
The disadvantage: the token causes cost, can get lost, be forget, or stolen and have to be administrated.
Token less options use existing devices like smartphone or tablet to show the dynamic password via SMS, app, or call.
The advantage: this is a cost-efficient option, using existing devices which are carried by the users anyway.
The disadvantage: these devices can get lost or be stolen as well (but mostly they are insured or secured especially).
In some areas there is an additional security level for sensitive data necessary. Those security levels demand next to the factors knowledge (user name / password) and ownership (token) another factor: characteristics or behavior (e.g. biometrical attributes). Such an authentication is called multifactor-authentication and is used for online banking for example.
When choosing an authentication it is important to find a balance between security and user friendliness, to ensure a correct application by the user. In the end the acceptance by the user is relevant for the success or failure of the security measure.
Every company has an own mode of operation – therefore it is necessary to fit the authentication to each company and its needs individually.
The security solution VISULOX offers an integrated two factor authentication for the centralized management of remote accesses of internal and external users. But it is also possible to implement existing authentication options into the system.
Inform now! Contact