SecurEnvoy, the inventor of tokenless® authentication, today announced that it has partnered with PasswordBank to bring the leading tokenless two-factor authentication capabilities to the PasswordBank identity management offering.
Customers will be able to access cloud solutions, such as Google Apps, Office365 and Salesforce.com, through PasswordBank’s single-sign-on platform, using SMS messages for two-factor authentication. This partnership delivers business-grade security, without requiring users to carry a physical token at all times.
Steve Watts, Sales Director of SecurEnvoy, said, “A major benefit of cloud technology is that it frees employees from their workstations, and gives them access to the tools they need, wherever they are and whenever they need it. Knowing how important security is, many companies implement two-factor authentication to ensure that they always know who is accessing their systems at any time. But forcing users to carry tokens around with them (and not letting them login if they don’t have them) defeats the point. By combining the freedom of using SMS messages as the second factor, with the flexibility of the cloud, suddenly workers really do have the freedom they need.”
Dennis Lee, VP of Technology from PasswordBank said, “We have enabled two-factor authentication with tokens for some time, but our clients are starting to demand solutions that are cheaper to implement and deliver more flexibility. By offering the tokenless solution from SecurEnvoy, we can meet the demands from our customers – and we can implement it with our current systems easily.”
What is two factor authentication?
Two factor authentication (2FA) is a way of verifying a person is who they say they are. It requires the combination of two out of three possible factors – something you know – so a username, password or PIN; something you have – a credit card or token, and something you are – fingerprint. The combination of a username and password does not constitute 2FA as it is two types of the same factor.
Authentication tokens, first used over 20 years ago, generate a one time passcode (OTP) which can be entered as part of a 2FA process. They are different to PIN numbers, which are static, as they change every time and will expire within a set time. However, unlike the original physical tokens of the 80s, today OTPs can be generated by apps on a smartphone or sent via SMS making their use not only easy, but also practical.