Changes

Multi-Factor Authentication

719 bytes added, 15:07, 4 July 2019
no edit summary
__TOC__
=Overview=
When using '''Two-Factor Authentication''', each new user can use the Google Authenticator app to obtain one-time passwords which are calculated from time and/or event-based algorithms.

Most websites that a user can log into require a username and password, both "known" by the individual in order to log in. In short, this means that anyone who knows the correct username and password combination for a unique account can log into that account; thus, there is very little that can be done to identify that the individual logging in is actually the individual who owns the account.

The '''Two-Factor Authentication''' function provides a second factor - this can be something that someone has (for example, an access card) or some unique property of that person (for example, a fingerprint, or a code sent to a personal mobile device).

A user may lose an access card or get duped into sharing a password, but the odds of both happening are dramatically reduced. Using '''Two-Factor Authentication''' enhances an organization's ability to ensure that no one is using illegitimate means to gain access.

'''Two-Factor Authentication''' is a required component of maintaining [[SmartSimple]]'s SOC2 security status.

SmartSimple supports two different '''Two-Factor Authentication''' approaches:

* '''TOTP''' ([https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm Time-based One-Time Password]) - this technique uses an authentication app that is installed on a mobile phone
* '''RSA Disconnected Token''' - this technique requires a physical device used to generate a one-time code

<pre> This article deals specifically with the TOTP protocol. To learn more about the RSA Disconnected Token protocol, contact your account manager.</pre>
==Configuring a Role to Use Two-Factor Authentication==