• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 192
  • Last Modified:

Secure Token-two factor Authentication


I was wondering if anyone out there is using a token to replace the username/password domain authentication process for internal users to access network resources?  If so, can you recommend a provider?  How difficult was the move? What is the second authentication factor either password or challenged response, etc.
Thank you,
1 Solution
Rich RumbleSecurity SamuraiCommented:
First: http://www.experts-exchange.com/Security/Misc/A_12368-Two-Factor-Authentication-Added-layers-are-not-always-added-security.html
Second you can try the yubikey products, they are cheaper than many and very goo.

2FA doesn't work at the lower levels of the network, read my article for more information.
btanExec ConsultantCommented:
2FA simply means more than what we know and to incorporate either what we have (separate device like phone, OTP generator or smartcard) OR/AND what we are (biometric primarily). Most common is to have "what we have"

OTP - can be software or hardware authenticator. common one is securID. you need an authenticator server provision though so that this one time password is sync when you keyed in. See this comparison for summary

Phone based

- There is one called PhoneFactor that allows a server to communicate a one-time additional code with the user’s mobile phone at the time of access. It is now under Microsoft suite and support Azure Cloud (Amazon Cloud has MFA and using smartcard or token if I recalled correctly, is gemalto)
Some example using include https://2factor.musc.edu/2fa/

- And even google has apps for mobile called the authenticator

We do try to avoid going too complex with PKI and lesser footprint but at the same time able to scale and stay flexible. Hence smartcard wasnt always the liking though it is more secure compared to simple OTP...of course if machine has keylogger or browser MITM, the PIN and OTP can easily be siphoned ...
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now