Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Office of Information Technology Two-Factor Authentication.

Published byCharleen Potter Modified over 9 years ago

Similar presentations

Presentation on theme: "The Office of Information Technology Two-Factor Authentication."— Presentation transcript:

1 The Office of Information Technology Two-Factor Authentication

2 The Office of Information Technology What is two-factor authentication? Why are we implementing two-factor? What is affected? What tool is used and how does it work?

3 The Office of Information Technology What is two-factor authentication?  Authentication is based on factors  Knowledge factors (something you know, like a password or passphrase)  Possession factors (something you have, like a phone or other token)  Inherence factors (something you are, like a fingerprint or other biometrics)  Adding a check of “something you have” to the regular myUTSA passphrase check (“something you know”) provides two- factor authentication

4 The Office of Information Technology Why are we implementing two-factor authentication?  If the secret in a single-factor authentication scheme gets compromised, full authentication is possible  Successful phishing attacks can compromise single-factor authentication  UT System memo requiring two-factor authentication in certain cases  Phishing attacks at UT System institutions resulting in financial losses  Deadline for compliance is August 31, 2015

5 The Office of Information Technology What services will be affected by two-factor authentication?  Connecting to the UTSA network via VPN or terminal services such Citrix – July 1  Server admin or other individual working from a remote location accessing a server containing confidential university data must use VPN  Connecting to UTShare to view or modify employee banking or financial information – August 1  Faculty services tab in ASAP – November 2015

6 The Office of Information Technology What tool is used and how does it work?  We will use mobile devices to provide two-factor authentication using a tool called Toopher  Toopher works with both iPhones and Android phones, and provides SMS (text messaging) or one-time password options for users without a smartphone

7 The Office of Information Technology How does it work? The first time a user accesses a Toopher- protected application, they are asked to pair their myUTSA account with Toopher Pairing is a simple one-time task that only takes a few seconds Once paired, the user’s smartphone, SMS number, or OTP sheet is now their token to provide the second factor

8 The Office of Information Technology How does it work? Once their myUTSA account is paired with Toopher, users will be challenged to use their token (smartphone, SMS text, OTP) when they login to any Toopher-protected applications

9 The Office of Information Technology Toopher Walkthrough

10 The Office of Information Technology Pairing with the Toopher app

11 The Office of Information Technology

12

13

14

15

16

17

18

19

20

21

22

23 Authenticating using the app

24 The Office of Information Technology

25

26

27

28

29

30 Un-pairing with the app

31 The Office of Information Technology

32

33

34 Unpairing using self-service

35 The Office of Information Technology

36

37

38

39

40

41

42 Un-pairing using accountclaim.utsa.edu

43 The Office of Information Technology

44

45

46

47

48 Pairing using SMS (text messaging)

49 The Office of Information Technology

50

51

52

53

54 Authenticating using SMS

55 The Office of Information Technology

56

57

58

59

60 Pairing using One-Time Passwords

61 The Office of Information Technology

62

63

64

65

66

67

68 Authenticating using OTP

69 The Office of Information Technology

70

71

72

73

74 Using the OTP option from the app

75 The Office of Information Technology

76

77

78

79

80 Questions?

Download ppt "The Office of Information Technology Two-Factor Authentication."

Similar presentations

User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)

User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)
McAfee One Time Password

McAfee One Time Password
Security for Mobile Devices

Security for Mobile Devices
The Office of Information Technology Network Access Control (NAC) Anthony Espinoza Information Security Officer UTSA Office of Information Security.

The Office of Information Technology Network Access Control (NAC) Anthony Espinoza Information Security Officer UTSA Office of Information Security.
The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.

The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.
Azure AD & Office 365 1. Logon with Username / Password 2. MFA challenge 3. Reply to MFA challenge -1-way or 2-way SMS -Phone call -Mobile Application.

Azure AD & Office Logon with Username / Password 2. MFA challenge 3. Reply to MFA challenge -1-way or 2-way SMS -Phone call -Mobile Application.
EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.

EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
Development and Implementation of Multifactor Authentication Motonori Nakamura at National Institute of Informatics and Takuya Matsuhira at Kanazawa University,

Development and Implementation of Multifactor Authentication Motonori Nakamura at National Institute of Informatics and Takuya Matsuhira at Kanazawa University,
Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security

Information Security The University of Texas at Dallas Education – Partnership – Solutions ISC Meeting April 10, 2015 Information Security
PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,

PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,
By Anthony McDougle and Loren Klingman.  The average user does not have secure passwords ◦ Simple passwords ◦ Reusing the same password ◦ Never changing.

By Anthony McDougle and Loren Klingman.  The average user does not have secure passwords ◦ Simple passwords ◦ Reusing the same password ◦ Never changing.
SSL From Your Smartphone Support for Android Smartphones www.sharetech.com.twwww.sharetech.com.tw / www.higuard.comwww.higuard.com.

SSL From Your Smartphone Support for Android Smartphones /
Confidential Computer Systems Group HD Lock for Toshiba Notebook August 3rd, 2006.

Confidential Computer Systems Group HD Lock for Toshiba Notebook August 3rd, 2006.
Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.

Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.
Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.

Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutions Enabling Security, Efficiency and Collaboration through Technology.
Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.

Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
Author of Record Digital Identity Management Sub-Workgroup October 24, 2012.

Author of Record Digital Identity Management Sub-Workgroup October 24, 2012.
Mobile One-Time Password. Page 2 About Changingtec -Member of group -Focus on IT security software CompanyChanging Information Technology Inc Set upApril.

Mobile One-Time Password. Page 2 About Changingtec -Member of group -Focus on IT security software CompanyChanging Information Technology Inc Set upApril.

Similar presentations

Ads by Google