Windows Security Token
SolidPass provides a powerful, two-factor authentication solution on the popular Windows platform. SolidPass™ uses a robust encryption mechanism appropriate for soft tokens, including a powerful time-based token. The allowed maximum validity period of a generated OTP is set to 3 minutes by default, and the OTP timeout period is a configurable parameter. The shorter the validity period, the higher the security level provided. The length of the OTP also contributes to the security level provided. Longer OTPs make a system more secure. The suggested minimum OTP length in the SolidPass™ System is 8 digits or 6 alphanumeric characters. SolidPass also supports event-based tokens for Windows. The user is provided a numerical password and an algorithm that turns the password into a new number. At the next login, this new number is submitted and checked against what the provider knows the algorithm should have produced. If there is a match, the user is allowed to log in. Along with time or event based authentication, these other authentication methods are available for SolidPass on Windows:
- PIN control mandatory/optional
- Security Question
- Challenge-Response
- Transaction Data Signing (TDS)
- Mutual Authentication
SolidPass for Windows is easy to download, install, and use. It provides users with an easy and secure way to access critical information from their Windows machine.
SolidPass security token can be used to prevent the following:
- Phishing Attacks
- Pharming Attacks
- Man-In-The-Middle Attacks
- DNS Cache Poisoning Attacks
- Trojans Attacks
- Man-In-The-Phone Attacks
- Browser Poisoning Attacks
Environmental Footprint
Hardware tokens have a limited life span. After their obsolescence, they have to be discarded and new ones have to be issued. By contrast, mobile security tokens are a virtual product using existing hardware, thus minimizing negative externalities.
OATH Compliant Tokens
As a member of the Initiative for Open Authentication, SolidPass™ tokens are built OATH compliant.
Regulatory Compliance
Regulatory requirements are pressuring organizations to adopt stronger authentication methods and to secure access to data systems and applications. Static username/password identity management no longer provide enough security to authenticate users accurately. This has led to adopting two-factor authentication systems. Legislation from the Sarbanes-Oxley Act (SOX), guidelines from the Federal Financial Institutions Examination Council (FFIEC), and recommendations from the Health Insurance Portability and Accountability Act (HIPAA) all require that organizations use stronger forms of authentication to mitigate data theft, prevent fraud, protect customer information and patient privacy. SolidPass helps organizations and enterprises comply with regulatory regimes that cover authorization rules and auditing protocols. In addition to non-compliance, organizations that continue to use static username/passwords face numerous problems ranging from brute force attacks, dictionary attacks, guessing and social engineering.