Application Security or Usability?
Oh the choices we are privileged to have here in America. Should I fly or drive? Email, text, or call? Used car or new car? There are so many choices to make that is can sometimes create a problem within itself. However, when it comes to web application security, should you have to choose between application security or usability? With a transparent, tokenless two-factor authentication (2FA), you wouldn’t have to choose.
You may ask yourself how a transparent, tokenless two-factor authentication solution would abolish the need to choose between application security or usability?
There are many methods of One-Time Password (OTP) deliveries, but the hard token approach can often be a challenge to the end user, because it requires them to always have the token available to login. However, a transparent, tokenless authentication solution can be a more user friendly method than a token based OTP since it can live within the machine being used.
Once you provide your username, password (single-factor authentication), and a hot key combination, your device transparently creates a computer-generated OTP. This OTP is then sent to the server; the server would then authenticate the generated OTP, thus giving access to the user across the approved applications.
Now that you have a little more background on how usable a transparent, tokenless authentication solution would be, you may be asking . . . “What about my devise getting stolen, and is this really a secure way to authenticate the user?”
Glad you asked. Let me explain how this would be more secure than your password alone and many delivered OTP methods.
A common concern is: “what if my device is stolen? Everything they need to login is right on my device.”
Once you report your stolen device to you solution provider, your transparent tokenless authentication can be disabled, keeping your account safe and the hacker out.
So unlike many of the decisions we have to make on a daily bases that make us choose between two good things, a transparent tokenless authentication solution would not make you choose. Instead, it would give you the best of both worlds without compromising your security.
Many companies have seen the need for both security and usability; therefore, they have turned to the authentication experts at PortalGuard and invested in PassiveKey.
No need to choose anymore between application security or usability!