Two-factor authentication

Two-factor authentication (2FA) is a two step verification process, which is designed to strengthen security, by not only requiring a password and username, but also an item a user has on their person, such as a smartphone app to approve authentication requests.

2FA protects against phishing, social engineering and password attacks, securing your logins from attackers looking to exploit weak or stolen credentials.

Without a physical device or item, remote attackers can’t pretend to be you, and it makes it much harder for attackers to gain authorisation to corporate networks, cloud storage and financial information. 

Two Factor Features

Duo Mobile

The duo mobile app secures every application whilst verifying the identities of your users, and forms part of a complete trusted access solution. It provides secure access to cloud based and on-premise applications, via one simple mobile app.

 

Authentication Methods

Authenticate anywhere, anytime and with any device using Duo security’s methods. These include, phone call back, HOTP code generators, security tokens, and SMS passcodes.

 

User Access Policies

Verify the identity of your users with contextual user access polices. For example, you can block any authentication attempts from countries you don’t do business in, or block any requests originating from anonymous networks. 

Benefits of 2FA

Easy, effective & secure

To ensure every point is protected, Duo’s Trusted Access solution easily integrates with on-premises, web based and cloud based applications.  It’s secure single sign on is the easiest way for users to access their cloud applications by logging in once to a web portal.

 

User Access Polices

Data is collected on every authentication request. Helping you make informed policy decisions. Displaying information on users, devices and their authentication activity, Duo’s User Access Polices allow you to limit access to any number of users and groups.

 

Trusted Access

Whilst Duo verifies user identities, it also checks their devices to ensure they’re healthy and up to date before allowing them to access your applications.

What is OOBA?

Out-of Band Authentication or 'OOBA' refers to conducting two-factor authentication (2FA) over separate networks or channels, as opposed to the primary network or channel.

For example, you may use a username and password to complete the primary authentication (this is sent over the primary network).  However, you may want to use a different network to complete your second factor, approving a push notification sent over your mobile network is an example of out-of-band authentication.

If delivered over the same channel, a remote attacker can hack into your computer via your internet connection, allowing them to steal your password and your second form of authentication. 

 

Why EBC Group?

EBC Group provides the best in IT cyber security and 2 factor authentication solutions.

Our cyber security adds vital layers of protection for businesses looking to avoid potential devastation of a cyber attack.

Our intrusion prevention technology, offers protection against network threats in addition to offering the latest and most advanced filtering systems and anti-spam systems direct from our privately owned duel data centres, as well as the security of a full disaster recovery solution. 

 
Push Notifications

Push Notifications

Verify your identity by approving a push notification from a mobile app on your smartphone or other item. 

Security Tokens

Security Tokens

Using a hardware or security token, such as a smart card, a passcode is generated that you must type into your two-factor prompt. 

TOTP

TOTP

Similar to SMS, a two-factor authentication app generates a new, unique passcodes. These are known as one-time passcodes (TOTP).

U2F Device

U2F Device

Universal 2nd factor (U2F) is a authentication that uses an authenticator (a USB hardware device) and a server. A user authenticates by tapping the device inserted into their computers USB device. 

Phone Callbacks

Phone Callbacks

This method calls your phone and waits for you to pick up and press any key to authenticate before allowing access. 

SMS Passcodes

SMS Passcodes

A unique passcode is sent to your phone, via SMS that you must type into your two-factor prompt.