Introducing Two-factor authentication – “Security, Security, Security”


Introducing Two-factor authentication – “Security, Security, Security”

The days where Username and Password authentication sufficed for logging in to my email – only for me to check “remember me” – are long gone.  Lo and behold, a new generation (pun intended) of One-Time-Password (OTP) dongles are here to weigh our pockets down.  The extra weight not only makes the authentication process a wee bit more cumbersome but also marginally devalues your need to hit “remember me”.  So “terribly” deviant is such a process that it distracts us from the sheer beauty of 2 Factor Authentication.

Irony, confusion and melodrama aside, 2 Factor Authentication (2FA) is awesome!  And as you probably would have inferred by now, 2FA is available for all Plunify users. With the new capability to enable 2FA within every user profile, users are granted the peace of mind with another layer of security.  What’s more, the welcoming user interface that we all have come to love remains well preserved.

So what exactly is 2FA and where is this additional layer of security coming from you might ask?  Well, imagine for a moment that you are caught in a zombie apocalypse and you are the only surviving human being. In order to save your race you have to reach the antidote (that cures the zombies) before they get to you.  The antidote is stuck behind an impregnable fortress that only opens to the sound of “Old McDonald had a Farm”.  The evolution of human-like vocal cords in zombies and the knowledge of nursery rhymes will allow them to reach the antidote before you.  Now why would you want that?  Imagine again the same scenario only now the fortress opens to the sound of “Old McDonald had a Farm” and the verification of human DNA.  In short, 2FA is like human DNA.  It works with something you know: nursery rhymes, and something you have: human DNA (hopefully).

As I see it, verifying human DNA seems like a huge mountain to climb.  Thankfully, OTP verification isn’t half as bad.  To begin, the presence of a thorough walkthrough simplifies the setup procedure and serves to guide users a great deal.  Next, it comes fully compatible with iOS, Android and Windows Phone operating systems. With “Google Authenticator” for iOS/Android and “Virtual TokenFactor” for Windows Phone, these mobile applications help to transform “what you have” into what you already have – your smart phone.

No need for extra dongles, just extra security!  Keeping with the idea that the setup should be as intuitive as possible, we utilized QR codes for easy capture all within the means of the aforementioned mobile applications.  Within seconds after setup, users will observe an OTP generated on their smart phones and it will continually change after a fixed elapsed time.  The point to take home: OTPs are unique and user-accessible only.

With 2FA enabled and roaring to go, the user simply enters his Username and Password as per normal.  Next, the user will be prompted to enter the OTP generated on his/her phone. If authentication is verified correct, there will be a lease time of 24 hours before 2FA authentication is once again required.  This feature facilitates the need for users to run multiple jobs at different times within the 24-hour lease period.  Finally, if “2FA” isn’t quite the tune you had hoped to hear from your music box, simply unchecking it from your profile brings you back to your default profile setup.

The flexibility to control your layers of web security is the aim of the game.  With on-demand 2 Factor Authentication integrated into our platform, we not only achieved that goal, but also managed to stick with our priority of providing seamless access.

Find out more on how you can enable your 2-factor authentication

Leave a Reply