Prizes & Awards
My Profile
Active Members
TodayLast 7 Days
more...
|
 New Feature: Community Sites:
Create your own .NET community website and start earning from Google AdSense !
It's Free !
|
Two Factor Authentication
|
Introduction
Sharing makes the internet. Most of us are not aware of the authentication factors and how the secured sectors are protecting their datas in this upgrowing online fraud world. Here in this article, I have briefed about the 2FA and a tool of Active card called Secure Login Single-Sign on.
What is Two FActor Authentication
2FA is any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication, which requires only one factor (knowledge of a password) in order to gain access to a system.
Why 2FA
To put in simple words, just to reduce online frauds.
2FA Solution:
Common implementations of two-factor authentication use 'something you know' as one of the two factors, and use either 'something you have' or 'something you are' as the other factor. Using more than one factor of authentication is also called strong authentication; using just one factor, for example just a password, is considered by some weak authentication. A common example of T-FA is a bank card (credit card, debit card); the card itself is the physical item, and the personal identification number (PIN) is the data that goes with it. See Chip and PIN for more information on this. Two-factor authentication is a form of strong authentication. Strong authentication also includes multi-factor that do not include a physical factor (card or dongle). The multiple factors can both be online for strong authentication.
According to proponents, T-FA could drastically reduce the incidence of online identity theft, and other online fraud, because the victim's password would no longer be enough to give a thief access to their information. Deployment of T-FA tools such as smart cards and USB tokens appears to be increasing. More organizations are adding a layer of security to the desktop that requires users to physically possess a token, and have knowledge of a PIN or password in order to access company data. However, there are still some drawbacks to two-factor authentication that are keeping the technology from widespread deployment. Some consumers have difficulty keeping track of one more object in their life. Also many two-factor authentication solutions are proprietary and protected by patents. The result is a substantial annual fee per person protected and a lack of interoperability.
Two-factor authentication solutions sometimes includes technologies to generate one-time passwords, a few solutions also include single sign-on (SSO) technology. This single sigb-on is provided by many tools, one of that is Secure Login single sign on by Activ Card. Since I am working with Activ Card SSO technology, just I will brief you about it.
Secure Login Single Sign On:
SecureLogin Single Sign-On solves credential management problems by removing the need for users to remember the myriad of credential sets beyond their initial network login. Account credentials are securely stored for each user, and are automatically retrieved as required.
Productivity is increased with SecureLogin Single Sign-On because users no longer need to physically enter repetitive credential sets. Calls made to the Help Desk for lost or forgotten passwords are virtually eliminated.
SecureLogin Single Sign-On is a highly cost effective password management tool geared at increasing user productivity and providing quick return on investment (ROI). Try our QuickROI calculator to see how much your organization can save by using SecureLogin Single Sign-On.
By eliminating the need for users to manage their own credentials, SecureLogin Single Sign-On effectively reduces the number of credential reset calls to the Help Desk. IT-support professionals and administrators will spend less time dealing with credential related calls and can redirect their attention back to their core duties.
Why not in Wide use:
So if 2FA provide all the security, why isn't everybody deploying them? It would seem to be a logical line of defense against intrusions and information loss.
Despite the security advantages of strong authentication its adoption is not yet widespread. There are several factors that contribute to this.
User password management
Users have natural problems retaining a single factor like a password. It is not uncommon to for users to be expected to remember dozens of unique passwords. T-FA, where one factor is a password or PIN code, does not eliminate this problem. One possible solution is to have the second factor be a biometric, instead of an entity that the user needs to memorize.
Cost effectiveness
Adding a second factor in the authentication mechanism could lead to increase in costs for implementation and maintenance. Most systems are proprietary and charge an annual fee per user in the $50-100 USD range. Deployment of hardware tokens is logistical challenge. Hardware tokens may get damaged or lost and issuance of tokens in large industries such as banking or even within large enterprises needs to be managed. Therefore, an analysis on the cost and benefit should be made before deciding on a stronger authentication mechanism.
Software security
Another concern when deploying smart cards, USB tokens, or other T-FA systems is the security of the software loaded on to users' computers. [2] A token may store a user's credentials securely, but the potential for breaking the system is then shifted to the software interface between the hardware token and the OS, potentially rendering the added security of the T-FA system useless.
Product proliferation
The first challenge to face is the difficulty of deploying the client PC software required to make these systems work. Most vendors have created separate installation packages for network login, Web access credentials and VPN connection credentials. In other words, you may have four or five different software packages to push down to the client PC in order to make use of the token or smart card. This translates to four or five packages on which you also have to perform version control and ensure don't conflict with your business applications. If access can be operated using web pages, it is possible to limit the overheads outlined above to a single application.
|
Responses
|
No responses found. Be the first to respond and make money from revenue sharing program.
|
|