http://msmvps.com/blogs/russel/archive/2007/07/27/two-factor-authentication.aspxI spent last night installing the latest version of AuthAnvil and RWW-Guard on our network. Between the two, we now have a far more secure environment that enforces Two Factor Authentication (TFA) for access to critical accounts and resources. NormalenCommunityServer 2008.5 SP2 (Build: 40407.4157)http://msmvps.com/blogs/russel/archive/2007/07/27/two-factor-authentication.aspx#1110519Tue, 14 Aug 2007 05:53:21 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1110519Matt<p>Agree with xperts64 about MTTM. Not relevant and not realistic to most (if any) corporate remote sites.</p> <p>Another great Strong 2 Factor solution is CAT (Cellular Authentication Token)™. &nbsp;The Token is a java application installed on the users cell phone. &nbsp;The user enters a pin number and access the OTP on the cell phone. &nbsp;Multiple Tokens can be installed on the one cellular device. &nbsp;Very simple to use and real convenient. &nbsp;A device the user always virtually always carries with them.</p> <p>Once a hard token user has experienced CAT they would only reluctantly go back to the old hard token.</p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1110519" width="1" height="1">http://msmvps.com/blogs/russel/archive/2007/07/27/two-factor-authentication.aspx#1085630Sat, 04 Aug 2007 23:56:00 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1085630Charlie Russel<p>While a theoretical Man in the Middle (MITM) attack is possible, it requires a phishing site that a user would be willing to use and that used the same OTP mechanism. Not relevant or realistic to most (if any) corporate remote sites. Definitely something to think about with a commercial site, where it would need to be combined with additional layers of protection. </p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1085630" width="1" height="1">http://msmvps.com/blogs/russel/archive/2007/07/27/two-factor-authentication.aspx#1070429Sun, 29 Jul 2007 16:18:34 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1070429mitmwatcher<p>I was wondering You might of heard of a Active MITM attack which will lame all these OTPs..It is no great Rocket Science to automate this attack as kits are found in underground </p> <div style="clear:both;"></div><img src="http://msmvps.com/aggbug.aspx?PostID=1070429" width="1" height="1">http://msmvps.com/blogs/russel/archive/2007/07/27/two-factor-authentication.aspx#1063514Sat, 28 Jul 2007 03:50:03 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1063514Scorpion Software Corporate Weblog<p>If you follow the world of 64bit computing, you know Charlie Russel. He is a popular author of many computer books (I think there are like 40 you can buy up on Amazon) and is well regarded in his circle of influence. I find myself a fan of much of his</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1063514" width="1" height="1">http://msmvps.com/blogs/russel/archive/2007/07/27/two-factor-authentication.aspx#1062112Fri, 27 Jul 2007 19:25:10 GMTd67277c4-116b-43f1-b688-e9ef184ea916:1062112E-Bitz - SBS MVP the Official Blog of the SBS "Diva"<p>I still remember the stories by Steve Riley about the deployment issues with Biometrics. Everyone sees</p> <img src="http://msmvps.com/aggbug.aspx?PostID=1062112" width="1" height="1">