
Mobile devices have quickly become ubiquitous in modern working environments. So much so, that including them as part of a user’s authentication experience has become the standard. Initially there were simple, time-based one-time passcodes (TOTP) sent via text messaging (SMS). More secure methods are becoming commonplace as well – mostly in the form of mobile apps providing TOTP codes or push requests.
What about environments without mobile devices?
Unionized environments where employers cannot compel users to use their personal devices
Government/high-security environments where mobile devices are not permitted
Computer-based exams where mobile devices cannot be used
Each of these situations has a strong case for needing the enhanced security that MFA can provide. The question of the day is, what options are available when mobile devices are not an option?
Voice call – User will receive a phone call on their landline and a one-time passcode (OTP) will be spoken out to them similar to SMS TOTP codes.
Yubikey – This is a USB or NFC hardware token-based factor that can be used to deliver TOTP codes for MFA.
WebAuthN – Uses native device biometrics such as Windows Hello or Touch ID (Face ID or Fingerprint ID).
Custom OTP – Use a desktop OTP calculator that calculates OTP codes based on a seed value. These require 3rd party apps to calculate TOTP codes (e.g. Authy https://authy.com/download/)
TypingDNA 2FA Authenticator – Utilize typing pattern biometrics. TypingDNA offers a free Chrome/Edge browser extension to generate TOTP codes that would otherwise be provided by the Google Authenticator mobile app. YouTube Demo
Okta Verify Desktop – Provides a level of device trust between the desktop and Okta. This is the foundation for Okta FastPass and is also typically teamed with native device biometrics.
Commentaires