Two-factor authentication

  • Additional security for user credentials
  • Additional layers of authentication
  • Use of the HTTP protocol

Table of contents

Two-factor authentication

Two-factor authentication in eAuditor enables additional security of user credentials during the login process. This results in the introduction of an additional authentication layer. As a result, in addition to the standard way of logging in, which confirms user credentials through the system for local accounts or AD DS for domain accounts, authentication is required with additional hardware security or another authentication method.

Currently, the eAuditor system supports various two-factor authentication methods, including:
  • Microsoft Authenticator,
  • Google Authenticator,
  • Face recognition,
  • Codes sent to email,
  • Dongles

Advantages and safety

The use of authentication applications, such as microsoft authenticator or google authenticator, significantly increases system security. These applications generate one-time TOTP codes – Time-based One-Time Passwords, which are valid only for a short time and are unique for each login session. As a result, even if a user’s password is stolen, access to the account is still blocked without a second element of authorization.

In addition, methods such as facial recognition and USB dongles provide protection against phishing attacks and other forms of fraud because they require the physical presence of the user and direct access to the device. These technologies are difficult to copy, which minimizes the risk of unauthorized account takeover.

Using authentication apps also gives users convenience, allowing them to log in quickly and easily without having to remember complicated passwords. These apps work on mobile devices, providing flexibility and accessibility in a variety of settings.

Benefits

Additional layer of security
Two-factor authentication introduces an additional layer of protection beyond the standard login and password, which significantly increases the security of user accounts.
Physical hardware security
The requirement for authentication via hardware security ensures that access to the system is only possible after physical proof of identity.
HTTPS configuration
Enforcing encrypted HTTPS communication increases the security of data transmission, eliminating the risk of sensitive information being intercepted during login.
Full technical support
Administrators receive support in the process of generating an SSL certificate and configuring Apache Tomcat, making it easy to properly implement and maintain a secure environment.
Integrations
Available integrations with website databases
API
Open APIs available

Discover how EntraID integration in eAuditor 9.2 AI improves identity and access management in your organization!

Zarządzanie infrastrukturą IT i bezpieczeństwem

Poznaj eAuditor podczas bezpłatnej prezentacji