{"id":41,"date":"2011-08-22T12:31:00","date_gmt":"2011-08-22T19:31:00","guid":{"rendered":"https:\/\/thebeagle.itgroove.net\/?p=41"},"modified":"2023-02-24T21:47:08","modified_gmt":"2023-02-24T21:47:08","slug":"two-factor-authentication-for-the-masses","status":"publish","type":"post","link":"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/","title":{"rendered":"Two-factor authentication for the masses"},"content":{"rendered":"<p>One thing the \u201cbig guys\u201d have always had available to them is \u201ctwo factor\u201d authentication in the form of products such as SecureID from RSA (there are others but SecureID is the one I\u2019m most familiar with).&#160; Two factor authentication goes beyond the password authentication mechanisms we are all used to and adds a layer of extra security by requiring you to authenticate to a system using something you \u201chave\u201d (in the case of SecureID a SecureID keyfob or a SecureID app on your smartphone) and something you \u201cknow\u201d (a PIN number or something similar).&#160; In the case of SecureID the something you \u201chave\u201d is a constantly changing and unique ID number displayed by your FOB or phone app and the unchanging ID that you \u201cknow\u201d (your PIN).&#160; These two items are combined to provide a secure, unique and one-time authentication code to your system.&#160; Banks, government ministries and many other organizations have been using these types of systems for years to provide a very strong layer of authentication security for their systems.&#160; It is a well proven technology that, unfortunately, usually carries a price tag that puts it out of the reach of those of us in the SMB world.&#160; And, yes, before I get flamed, I know there are a number of companies that provide a similar mechanism to SecureID at a lesser cost; but the costs are still not inconsequential.<\/p>\n<p>I was working with a new customer last week, a non-profit health care facility, that utilizes British Columbia\u2019s \u201cPhysician\u2019s Private Network\u201d or \u201cPPN\u201d to access their hosted EMR application.&#160; PPN is a private network with limited access to the Internet.&#160; One of the BIG rules on PPN is that you cannot have remote access applications installed on your servers or PC\u2019s that reside on PPN that do NOT have two factor authentication.&#160; This worried me as we wanted to have LogMeIn installed on the server in order to provide remote access to the server for whenever we needed to support the customer.&#160; As a small non-profit the customer certainly could not afford SecureID or, for that matter, any of the other vendors that I was aware of.&#160; I spoke with one of the technicians responsible for PPN and he told me about a <strong>free<\/strong> (yup, that\u2019s right, <strong>free<\/strong>) service that provides two factor authentication services via your phone, the service is recognized as a valid two factor authentication process and they had an agent that would plug into LogMeIn.&#160; I had to check it out!!<\/p>\n<p>I\u2019m pleased to say that <a href=\"http:\/\/www.phonefactor.com\" target=\"_blank\" rel=\"noopener noreferrer\">PhoneFactor<\/a> truly works as advertised and it is free!&#160; I created an account at PhoneFactor and linked the number fo my cell phone to the account.&#160; I then downloaded and installed the PhoneFactor agent for LogMeIn on the server, configured the agent so that the login account I use from outside is tied into PhoneFactor and tried it out.&#160; Voila!&#160; LogMeIn asked me for my credentials, it caused the PhoneFactor agent to call home, PhoneFactor called my phone and requested I punch a certain key sequence and PhoneFactor then authorized my log in via LogMeIn.&#160; Very, very slick!<\/p>\n<p>There are a few caveats with the biggest being as far as I can tell there is no way to have PhoneFactor link multiple phone numbers to a given PhoneFactor-enabled login (so if Louis logs in to the customer using the login I enabled with PhoneFactor, my phone will ring looking for the authentication and not his).&#160; This is a bit of a pain but not something that would stop me form using the service, I\u2019d just have to look at creating the appropriate linkages between login accounts and PhoneFactor accounts.<\/p>\n<p>I\u2019m going to be testing PhoneFactor to see if it can be integrated with things like the SBS2001 Remote Web Access (RWA) system and I will blog the results.<\/p>\n<p>If you have been looking for an inexpensive way to add authentication security to your publically accessible systems, you owe it to yourself to check it out.&#160; <a href=\"http:\/\/www.phonefactor.com\">www.phonefactor.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>One thing the \u201cbig guys\u201d have always had available to them is \u201ctwo factor\u201d authentication in the form of products such as SecureID from RSA (there are others but SecureID is the one I\u2019m most familiar with).&#160; Two factor authentication goes beyond the password authentication mechanisms we are all used to and adds a layer &hellip; <a href=\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/\"><\/a><\/p>\n","protected":false},"author":10,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[270],"tags":[501,547,551,609],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Two-factor authentication for the masses - Archive<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Two-factor authentication for the masses - Archive\" \/>\n<meta property=\"og:description\" content=\"One thing the \u201cbig guys\u201d have always had available to them is \u201ctwo factor\u201d authentication in the form of products such as SecureID from RSA (there are others but SecureID is the one I\u2019m most familiar with).&#160; Two factor authentication goes beyond the password authentication mechanisms we are all used to and adds a layer &hellip;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/\" \/>\n<meta property=\"og:site_name\" content=\"Archive\" \/>\n<meta property=\"article:published_time\" content=\"2011-08-22T19:31:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-24T21:47:08+00:00\" \/>\n<meta name=\"author\" content=\"Sean Wallbridge\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sean Wallbridge\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/\",\"url\":\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/\",\"name\":\"Two-factor authentication for the masses - Archive\",\"isPartOf\":{\"@id\":\"https:\/\/regroove.ca\/archive\/#website\"},\"datePublished\":\"2011-08-22T19:31:00+00:00\",\"dateModified\":\"2023-02-24T21:47:08+00:00\",\"author\":{\"@id\":\"https:\/\/regroove.ca\/archive\/#\/schema\/person\/74e1c0def190f181c1394c2b6d883e77\"},\"breadcrumb\":{\"@id\":\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog Archive\",\"item\":\"https:\/\/regroove.ca\/archive\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Two-factor authentication for the masses\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/regroove.ca\/archive\/#website\",\"url\":\"https:\/\/regroove.ca\/archive\/\",\"name\":\"Archive\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/regroove.ca\/archive\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/regroove.ca\/archive\/#\/schema\/person\/74e1c0def190f181c1394c2b6d883e77\",\"name\":\"Sean Wallbridge\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/regroove.ca\/archive\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/adf8cea6291c39d166616f2148d919a6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/adf8cea6291c39d166616f2148d919a6?s=96&d=mm&r=g\",\"caption\":\"Sean Wallbridge\"},\"url\":\"https:\/\/regroove.ca\/archive\/author\/swallbridge\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Two-factor authentication for the masses - Archive","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/","og_locale":"en_US","og_type":"article","og_title":"Two-factor authentication for the masses - Archive","og_description":"One thing the \u201cbig guys\u201d have always had available to them is \u201ctwo factor\u201d authentication in the form of products such as SecureID from RSA (there are others but SecureID is the one I\u2019m most familiar with).&#160; Two factor authentication goes beyond the password authentication mechanisms we are all used to and adds a layer &hellip;","og_url":"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/","og_site_name":"Archive","article_published_time":"2011-08-22T19:31:00+00:00","article_modified_time":"2023-02-24T21:47:08+00:00","author":"Sean Wallbridge","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Sean Wallbridge","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/","url":"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/","name":"Two-factor authentication for the masses - Archive","isPartOf":{"@id":"https:\/\/regroove.ca\/archive\/#website"},"datePublished":"2011-08-22T19:31:00+00:00","dateModified":"2023-02-24T21:47:08+00:00","author":{"@id":"https:\/\/regroove.ca\/archive\/#\/schema\/person\/74e1c0def190f181c1394c2b6d883e77"},"breadcrumb":{"@id":"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/regroove.ca\/archive\/2011\/08\/22\/two-factor-authentication-for-the-masses\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog Archive","item":"https:\/\/regroove.ca\/archive\/"},{"@type":"ListItem","position":2,"name":"Two-factor authentication for the masses"}]},{"@type":"WebSite","@id":"https:\/\/regroove.ca\/archive\/#website","url":"https:\/\/regroove.ca\/archive\/","name":"Archive","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/regroove.ca\/archive\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/regroove.ca\/archive\/#\/schema\/person\/74e1c0def190f181c1394c2b6d883e77","name":"Sean Wallbridge","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/regroove.ca\/archive\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/adf8cea6291c39d166616f2148d919a6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/adf8cea6291c39d166616f2148d919a6?s=96&d=mm&r=g","caption":"Sean Wallbridge"},"url":"https:\/\/regroove.ca\/archive\/author\/swallbridge\/"}]}},"_links":{"self":[{"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/posts\/41"}],"collection":[{"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/comments?post=41"}],"version-history":[{"count":1,"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/posts\/41\/revisions"}],"predecessor-version":[{"id":3091,"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/posts\/41\/revisions\/3091"}],"wp:attachment":[{"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/media?parent=41"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/categories?post=41"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/regroove.ca\/archive\/wp-json\/wp\/v2\/tags?post=41"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}