2. What Is APassword A password is a SECRET word or string of characters that is used for authentication, to prove identity or gain access to a resource Generally, should be something that is hard to guess
8. Other Shortcomings of A Password A hassle for users A drain on the helpdesk A headache for the management A worry for security managers
9. How To Steal A Password Shoulder surfing Snooping on the user’s network connection Hacking the system’s password file Simple guesswork Use powerful password cracking tools 1 2 3 4 5
10. Conclusion: The classic username-and-password combination can only deliver weak authentication. And yet it is all that stands between your sensitive business information and prying eyes.
11. What is the IDEAL solution that can provide STRONG AUTHENTICATION?
14. Two-Factor Authentication Your username and password What you have What you know Strong Authentication + = A One-Time-Password Token
15. One-Time-Password (OTP) A password that is valid for only ONE login session or transaction Also known as dynamic password
16. OTP Technology Two input factor is taken to generate an OTP. Time factor or Number of clicks 1 Seed code 2 Types of OTP: Time-based authentication 1 Event-based authentication 2 Challenge-response-based authentication 3
21. How SecureOTP Works Same Account Account1 Account 1 + + Customer Authenti-cation Server Same PIN Pwd Pwd + + Same OTP 555532 Same Algorithm Algorithm Algorithm Timer/Event Seed Timer/Event Seed Same Seed Same Event Counter / Timer
22. PWD OTP Time/Event Synchronous OTP Workflow DB + 3 User Input 1 2 4 5 SSL Authentication Server Application Server