Customers will be able to access cloud solutions, such as Google Apps, Office365 and Salesforce.com, through PasswordBank’s single-sign-on platform, using SMS messages for two-factor authentication. This partnership delivers business-grade security, without requiring users to carry a physical token at all times.
Steve Watts, Sales Director of SecurEnvoy, said, “A major benefit of cloud technology is that it frees employees from their workstations, and gives them access to the tools they need, wherever they are and whenever they need it. Knowing how important security is, many companies implement two-factor authentication to ensure that they always know who is accessing their systems at any time. But forcing users to carry tokens around with them (and not letting them login if they don’t have them) defeats the point. By combining the freedom of using SMS messages as the second factor, with the flexibility of the cloud, suddenly workers really do have the freedom they need.”
What is two factor authentication?
Two factor authentication (2FA) is a way of verifying a person is who they say they are. It requires the combination of two out of three possible factors – something you know – so a username, password or PIN; something you have – a credit card or token, and something you are – fingerprint. The combination of a username and password does not constitute 2FA as it is two types of the same factor.
Authentication tokens, first used over 20 years ago, generate a one time passcode (OTP) which can be entered as part of a 2FA process. They are different to PIN numbers, which are static, as they change every time and will expire within a set time. However, unlike the original physical tokens of the 80s, today OTPs can be generated by apps on a smartphone or sent via SMS making their use not only easy, but also practical.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.