Once upon a time, enforcing a strong password policy, was sufficient to prevent unauthorized access into your website accounts.
As the security landscape evolved, it became clear, that this was not enough any more.
Attackers
Today, attackers can discover user’s passwords in many ways.
- By a stolen or a lost computer
- By another site that you had same credentials (that’s a good reason for an GDPR compliant complain! :-)), or even
- Another way is by your own computer, when infected with a virus, and captures your keystrokes.
Alternative
?he most important solution would be, SNET Yubikey’s, as the New Global standard for two-factor, multi-factor and password-less authentication, that implements a public-key cryptographic system, to authenticate yourselves.
2FA
Finally, a simple and effective way to improve how your users authenticate themselves, is by using a method known as “Two-Factor Authentication“, “Two-Factor Auth”, “TFA” or “2FA”.
Two-Factor Authentication is a method where your users are required to log in with two “factors”.
A password, and a code from a device that they carry on their person, like their mobile phone.
A great pattern that we are seeing for implementing two-factor authentication, is to use the TOTP (Time-based One-time Password Algorithm) standard for the second authentication step.
What is so cool about TOTP is that, it is flexible enough to allow your users to generate their authentication tokens, directly on their mobile devices.
All you need is an app like, Google Authenticator, Authy, LastPass Authenticator, Microsoft Authenticator etc.
Solution
This means, you only need to implement our additional authentication scheme, in your web sites or your servers so that your users can get tokens.
How many times you requested an additional security step, to a plain login form, of purchased platform of yours, and the answer was “We don’t currently support it. We estimate on having it implemented, at the the 3rd quarter of the …NEXT year!!”.
DON’T bother any more. Now you no longer have to wait!!
You can implement SNET “Two-Factor Authentication“ on ANY website, on ANY server, on ANY application, on ANY container, on ANY applet …NOW!!!
Don’t worry for any login session conflicts, with your current website or app credentials, as they aren’t any!
How about getting a sneak peek in SNET TWO-FACTOR AUTHENTICATION suggestion?
