SecurAccess
Passwords
are inherently weak. As users are often required to remember many
passwords in life they tend to be easy to guess, attack or Socially
Engineer from the person. A hacker with simple, free tools can often
break them with ease. Even if a password is strong an attacker just
needs to install (at the PC or even remotely) a key logger or other
type of software ‘Trojan Horse’ to view any password
typed into the computer.
So
how do we allow a user to log into sensitive information such as
a company Intranet or Extranet or via a VPN on the internal network?
What if we want clients to access private data, perhaps on the work
we are doing for them?
Usually
we just simply supply them with a user name and password but this
is inherently insecure. For very secure logins we may use Secure
ID tags which dictate the passcode for us or even USB tokens to
authenticate who we are. However these solutions, although very
secure, are expensive to implement and even more costly to manage.
Enter Secure Access.
Alice
is a client who wants access to Bob’s network to test software
that is being developed for her. Alice is simply given a user name
by Bob.
-
Alice browses to the login page in her web browser
- She
enters her user name
- She
checks her SMS messages. One message is constantly updated with
the next passcode each time she logs in. She locates the 6 digit
code and logins in successfully.
- Moments
later her mobile bleeps with the next code ready for the next
time she needs to authenticate.
…Simple.
No expensive tokens, cards or tags, just access to her mobile phone.
This is the future of authentication.
Contact us for more details >>
|
