2 Factor & Multi Factor Authentication

Slides:

Advertisements

Similar presentations

User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)

Advertisements

Mutual OATH HOTP Variants 65th IETF - Dallas, TX March 2006.

The team - currently 25 people

SPEKE S imple Password-authenticated Exponential Key Exchange Robert Mol Phoenix Technologies.

 Physical Logical Access  Physical and Logical Access  Total SSO and Password Automation  Disk/Data Encryption  Centralized management system  Biometric.

Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Microsoft Ignite /16/2017 4:55 PM

PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,

MOBILE SECURITY MADE EASY. STOCKHOLM SOFTWARE COMPANY.

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

© NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

PIN-on-Card New contact-less smart card with integrated PIN pad for secure user verification at unparalleled cost effectiveness.

Identity Assurance Emory University Security Conference March 26, 2008.

Microsoft Management Seminar Series SMS 2003 Change Management.

Free, online, technical courses Take a free online course. Microsoft Virtual Academy.

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

1. U2F Case Study Examining the U2F paradox 3 What is Universal 2 nd Factor (U2F)?

Chris Calderon – February 2016 MIS 534 Information Security Management.

SendPro is the Easy-to-Use, Online Solution that Simplifies Office Shipping for USPS ®, FedEx ® and UPS ® – Integrated with the Features of Windows 10.

Secure Quick Reliable Login ● SQRL pronounced “squirrel”. ● Acronym confusion – QR no longer stands for “Quick Response” two-dimensional bar codes. Optional.

A l a d d I n. c o m Strong Authentication and Beyond Budai László, IT Biztonságtechnikai tanácsadó.

Modern Alchemists Brings Quality Games and Apps to Windows Mobile Devices and Desktops with Help from Universal Windows Platform Tools WHAT WE OFFER WHAT.

PV204 Security technologies Labs: Secure authentication and authorization Petr Švenda Faculty of Informatics, Masaryk.

One Picture 4 Points No Passwords

Identity Standards Architect, Microsoft

2016 LOGO Comparison Between Apple Pay and Ali Pay Zhu Liang Li Zhihao

IT Security Awareness Day October 19, 2016

The time to address enterprise mobility is now

Protect Manage Optimize Why LastPass Enterprise? Protect Manage Optimize.

Instructor Materials Chapter 6 Building a Home Network

Microsoft Passport and Windows Hello Developer’s Guide to Windows 10 Build SDK Update Andy Wigley

AuthLite 2-Factor for Windows Administration

Goodbye to Passwords.

ActivID Tap Authentication HID Global

6/17/2018 3:45 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Modernizing your Remote Access

Online password manager By: Anthony diveronica

Examine common architectures for hybrid identity

Conveying Trust Serge Egelman.

2-Factor Authentication Update

CompareDocs cloud Makes it Immediately Clear What has Changed Between Document Versions, on any Windows 10-Compatible PC or Device WINDOWS APP BUILDER.

Motion Capture Company Relies on Windows App Builder, Azure Cloud, and Windows SDK to Securely Capture and Host Health Care Data WINDOWS APP BUILDER PROFILE:

Microsoft’s guide for going password-less

Two-factor authentication

Microsoft’s guide for going password-less

FIDO U2F Universal 2nd Factor

Windows Hello Sam Chang Senior Program Manager WinHEC 2015

Boost Your Sales, Extend Your Reach, Attain New Levels of Customer Satisfaction in the Modern, Mobile, Cloud Era with blue-app and Windows 10 WINDOWS APP.

Cypak core technology Combat fraud and keep your customer happy

How to Secure your Google Account WE WORK ON MAKING GMAIL EXPERIENCE BETTER !!!!!

Resco Mobile CRM Enables Sales Reps and Field Technicians to Access CRM Data Effortlessly While On the Go Across All Types of Mobile Devices WINDOWS APP.

Office 365 Identity Management

Multifactor Authentication & First Time Login

Microsoft Virtual Academy

Back Up and Recovery Sue Kayton October 2015.

Lifesize® Technical Update

Microsoft Ignite NZ October 2016 SKYCITY, Auckland.

Sherpany’s Boardroom App for Windows: It’s a Perfect Tool for Managing Top-Level Meetings, Optimized for Use on Microsoft Surface Devices WINDOWS APP BUILDER.

Five mistakes to avoid when deploying Enterprise Mobility + Security

The main cause for that are the famous phishing attacks, in which the attacker directs users to a fake web page identical to another one and steals the.

Microsoft Virtual Academy

ACS Deployment Scenarios

Using Two Factor Authentication To Secure Users Alan P. Barber

One Marketing Template

Preparing for the Windows 8. 1 MCSA Module 6: Securing Windows 8

Getting Started With LastPass Enterprise

Microsoft Virtual Academy

Presentation transcript:

2 Factor & Multi Factor Authentication A product delivered by

YubiKeys Two factors. One touch. Zero client software. YubiKey 4 Nano YubiKey NEO Tord This slide shows the two form factors of the YubiKey. To authenticate with a YubiKey you place it in the USB port with the keychain size and tap the blinking light in the gold area. For the nano size, you YubiKey fits entirely inside the USB port and you just touch the golden area to generate your login credentials. When you touch the YubiKey you are just verifying that you are a real human being and not a trojan – remember that this is not a biometric device. For mobile devices supporting NFC, you can tap a YubiKey NEO to the phone.

Customers Deployed by 8 of the top 10 internet companies www.yubico.com/customers Bestseller on Amazon.com Tord Our business model is simple: We offer our YubiKeys online, with free open source servers. We allow anyone to integrate with their own software, services, or enterprise IT-systems. Today we have shipped millions of Yubikeys to more than 150 countries. And 8 of the top 10 Internet companies use Yubikey internally, and have - or are in the process of - making support for their end-users. A product delivered by

Where Can I Use the YubiKey? OTP PIV OpenPGP FIDO U2F Tord The YubiKey can be easily integrated with your own software, service or enterprise IT-system. Or you can use it out-of-the-box, with a growing number of applications. The same YubiKey that I have on my keychain I use with my LastPass account, my corporate Salesforce account. And using one time password, I can use it as a PIV smart card to access my Windows environment. And I can use the same key to also log in to Google for Work, GitHub, and Dropbox with no third-party service or software installed. It just works out of the box. All three protocols are supported across all these apps with a simple touch on a single device. Next slide please. I’m now going to pass the presentation over to Tom, who will talk a bit more about all of these different protocols and use cases. Tom?

YubiKey 4 OpenPGP PIV Config Set 1 Config Set 2 OATH-TOTP FIDO U2F Yubico OTP OATH-HOTP Challenge-Response Static Credential Config Set 2 Yubico OTP OATH-HOTP Challenge-Response Static Credential Tom YubiKeys support multiple modes - each YubiKey combines the function of many other devices. Points: One device, multiple functions all working together at the same time. OATH-TOTP FIDO U2F

Passwords anyone? Reused Phished and MitM Keylogged

Didn’t we solve this already? Smart Cards SMS OTP devices Readers/drivers Middleware Cost Coverage Delay Cost Battery Battery Shared secrets One per site Provisioning costs OTP is short for One-Time Password Shared secrets are hard to protect and scale, and cannot be hashed.

...but most importantly User experience Still phishable MITM Users find it hard to use Successful attacks carried out today Successful attacks carried out today None of these technologies has any protection against phishing. If you can phish a password, you can phish a one-time password… Over 90 percent of hacking attacks begin with phishing.

...but most importantly User experience Still phishable MITM Users find it hard to use Successful attacks carried out today Successful attacks carried out today

...also No batteries or drivers One device Open standard Site-specific keys Standardized in the FIDO Alliance FIDO Alliance: 200 member companies. Led by Google, Microsoft, Yubico and others.

U2F at Google Compared to TOTP Google started rolling out U2F two years ago internally. Now almost all internal applications supports U2F.

Support incidents 40% fewer

Login times 400% quicker

Security incidents “Dramatic decrease, no more Phishing”

Resources Strengthen 2 step verification with Security Key Yubico Security Key Yubico Libraries, Plugins, Sample Code, Documentation FIDO U2F Protocol Specification Yubico Demo Server - Test U2F Yubico Demo Server - Test Yubico OTP Google security blog yubico.com/security-key developers.yubico.com fidoalliance.org/specifications demo.yubico.com/u2f demo.yubico.com

By your Yubikey Online on www.ciptor-Benelux.com ::: Danny Zeegers::: Danny@ciptor.com ::: PUB ::: A0973948 FF8A F719 AE58 2818 1B89 4D83 1CE3 9268 A097 3948 VP Sales BENELUX Cell: +32 471 68 68 78 Skype: Danny Zeegers By your Yubikey Online on www.ciptor-Benelux.com