Two Factor Authentication

Password management is a difficult security issue for most corporations. With an increasing number of resources which require authentication, users are required to memorise passwords with varying complexity requirements and expiry dates. Invariably, users will resort to insecure methods of memorizing passwords - writing them down, storing them in document or even using software to "cache" their password.

Weak password hashing algorithms and operating system hardening contribute further to this problem. Network or physical access can guarantee access to any unhardened Windows based system within a short period.

Two factor authentication solves this problem by splitting trust into two factors. The user attempting to authenticate, proves their identity by "something they know" and "something they have". By splitting the trust over two factors, the necessary complexity of the "known" factor can be reduced. Usually a four digit pin is sufficient when a second factor is introduced.

In addition to reducing the complexity of password management, two factor authentication virtually eliminates the possibility of compromise using password. Without the second factor, knowing the password is useless. Keystroke loggers, shoulder surfing and replay attacks are all rendered ineffective provided the second factor is not stolen.

For more information on how Benelec can improve user authentication security in your organisation, please contact us. We would be happy to design a solution to meet your specific needs.