Smartphones take center stage in two-factor authentication schemes

FREE

Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CITEworld, CSO, Computerworld, InfoWorld, ITworld and Network World. Learn more.

SecureAuth IdP wins test of 8 software-based authentication systems that deliver enterprise-level security

We all know that relying on a simple user ID and password combination is fraught with peril. One alternative is to use one of the single sign-on solutions we reviewed last year, but there are less expensive options that could also be easier to install.

That’s where two-factor authentication services come into play. Years ago, vendors came out with hardware-based two-factor authentication: combining a password with a token that generates a one-time code. But toting around tokens means that they can get taken, and in a large enterprise, hard tokens are a pain to manage, provision and track.

Enter the soft token, which could mean using a smartphone app, SMS text message, or telephony to provide the extra authentication step. We reviewed eight services that support up to five kinds of soft tokens: Celestix's HOTPin, Microsoft's PhoneFactor, RSA's Authentication Manager, SafeNet Authentication Service, SecureAuth's IdP, Symantec Validation and ID Protection Service (VIP), TextPower's TextKey, and Vasco's Identikey Authentication Server.  

To continue reading, please begin the free registration process or sign in to your Insider account by entering your email address:
Insider Shootout: Best security tools for small business
Join the discussion
Be the first to comment on this article. Our Commenting Policies