The solution features four new authentication methods now available to support an ever-widening array of use cases, which include face recognition biometric that uses an individual's facial characteristics to authenticate; FIDO U2F authenticators, such as Yubikey or Hypersecu USB keys that provide a hardware token
option; email delivery of a software generated one-time password (OTP) to a user's AD email; and integrated Windows Authentication (IWA) uses the fact that a user has already logged into Microsoft Windows as a factor.
* Secondary layer (something the user has): smart card, ID card, software token, hardware token
, or phone-based token
Shared secret architecture is considered more vulnerable than the hardware token
. For both types, the configuration file can be compromised if it is stolen and the token is copied.
The hardware token
offers a more flexible solution for graphical customisation and deployment, along with options for on-site initialization to further protect data and enhance security programming.
A single hardware token
can cost as much as $100 or more, making a 2FA solution that only satisfies a limited subset of use cases impractical.
With ProviderPass, Point and Click Solutions users purchase a one-time password hardware token
credential from Exostar.
DCS is available to all Common Access Card holders on NIPRNet and all SIPRNet Hardware Token
holders on SIPRNet, allowing users to communicate and share information in a secure forum.
Their initial target market are IT and security companies in the EMEA region, Sharuk and Jebara say, and the intended first users of the device are executives of these companies -- because at a $200 sales price per unit, the Ki hardware token
will not come cheap.
"Of course, as of today no one really wants a hardware token
any longer, and everyone is going into software form factors," he says.
These methods are based on hardware token
, software token, smart card, RFID, steganography, watermarking, or biometrics [2, 1826],
Rather than use a hardware token
that frightens the average Joe off, consumers can use their mobile phone as the authentication vehicle.