Multifactor authentication Multifactor authentication or MFA is a security system that requires more than on method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction. Multifactor authentication combines two or more independent credentials: what the user knows like a password, what the user has the security token and what the user is like biometric verification. The goal of multifactor authentication is to create a layer of defense and make it more difficult for an unauthorized person to access a some like a physical location, network or database, or a computing device. If one of the factor is compromised, an attacker still needs at least one more barrier to breach before successfully breaking into the target. Multifactor authentication cont… Typical MFA scenarios include: Swiping a card and entering a PIN. Logging into a website and being requested to enter an additional one-time password OTP that the website’s authentication server sends to the requester’s phone, email address, or any other form. Downloading a VPN client with a valid digital certificate and logging into the VPN before being granted access to a network. Swiping a card, scanning a fingerprint and answering a security question Attaching a USB hardware token to a Desktop that generates a one-time passcode and using the one-time passcode to log into a VPN client. RSA Token/Symantec VIP Access RSA token or security token is a two-factor authentication technology that is used to protect network resources. The authentication is based on two factors. The two factors are first something you know like your password or pin and the second factor is something you have the authenticator (RSA Token). The code that RSA Token produces changes every 60 seconds as an added form of security. Symantec VIP Access is a software that protects your online accounts and transactions. The VIP credential provides a dynamic security code that you can use in addition to your user name and password for safe and secure account access. The code that VIP Access produces changes every 30 seconds as an added form of security. How RSA Token/VIP software work The way RSA Token and the VIP software work is when a user attempts to access a protected resource, he or she is prompted for a unique code. The code is a combination of their user’s password or pin and the code that is displayed on the authenticator token or VIP application at the time of logging in. The user ID and pass code are intercepted by the RSA Authentication Agent and presented to the RSA Authentication Manager software which validates the pass code. The RSA SecurID system computes what number the token is supposed to be showing at that moment in time, checks it against what the user entered, and makes the decision to allow or deny access. This is also the case with the VIP software. Reference http://www.webopedia.com/TERM/R/rsa_secure_id.html https://idprote ...