I'm trying to implement 2 factor authentication on the cheap. How would I do that?
Posted
by Biff MaGriff
on Stack Overflow
See other posts from Stack Overflow
or by Biff MaGriff
Published on 2010-05-12T21:28:35Z
Indexed on
2010/05/12
21:34 UTC
Read the original article
Hit count: 210
authentication
|security
Ok so I need 2 of the 3.
Something the user knows.
Something the user has.
Something the user is.
I have a system that is exposed to the internet and we need clients to connect in a secure manner to satisfy our security standards.
I'm thinking when a user registers to use our system we send them an application that they install on their home system. The application generates a key based on a timed randomness algorithm. Our application server has the same algorithm so when the user submits their credentials with the key we know that they are a legitimate user.
Is this a valid method of 2 factor authentication?
What is another way of doing this?
Are there any pitfalls that I should be aware of?
Thanks for your help!
© Stack Overflow or respective owner