Blog Feed
Two-Factor Authentication in Online Gambling
Online gambling laws aim to ensure that gaming is conducted honestly, competitively, and without fraudulent practices. In this regard, the major iGaming regulatory authorities always recommended online gambling platforms enable two-factor authentication for their end-users. Moreover, in January 2022, the use of two-factor authentication in iGaming has become mandatory. The Divisions of Gaming Enforcement (DGE), including the New Jersey DGE, Delaware DGE, and Nevada Gaming Control Board, oblige iGaming platforms to enable two-factor authentication for their users. According to the DGE Cyber Security Best Practices, this step is necessary to reduce the risks of identity fraud, payment fraud, and charge back cases in iGaming since more and more online gambling websites experience hacking through fraudulent account access. Protectimus two-factor authentication solution and OTP tokens are easy to integrate with any iGaming software using API, SDK, or an integration plugin. You can protect both the in-house infrastructure of your iGaming business and the end-users accounts with one MFA setup. Two-Factor Authentication Solutions for iGaming Platforms Below we explain how two-factor authentication works and what online risks it prevents and describe all the nuances you need to consider before implementing two-factor authentication to secure your online gaming platform and users. Table of contents How two-factor authentication works Why two-factor authentication is mandatory in online gambling How to add two-factor authentication into your online gaming platform Best practices for implementing 2-factor authentication in iGaming How two-factor authentication works In a nutshell, two-factor authentication is a process that allows the users to prove that they are who they claim to be by presenting two different authentication factors. There are three possible types of authentication factors: something the user knows – usually a password; something the user has – usually a one-time code from the OTP token; something the user is – usually a fingerprint or face ID. Typically, a combination of a password (something the user knows) and a one-time code from the auth token or phone (something the user has) is used for 2-factor authentication. Protectimus allows delivering one-time codes via chat-bots in Messenger or Telegram, SMS, email. Also, the two-factor authentication apps and hardware authentication tokens are available. Read more about different two-factor authentication methods here. Two-factor authentication is used in online gaming security to prevent phishing, social engineering, man-in-the-middle, and brute-force attacks. Even if a fraudster manages to get a user’s password, there is no sense in using it, as the user’s account remains protected with the one-time code valid for 30 seconds. To check one-time passwords, a two-factor authentication server is used, which is integrated with the iGaming solution. The scheme of interaction between the authentication server and OTP tokens is presented below. Why two-factor authentication is mandatory in online gambling Since the popularity of online games began to skyrocket, attackers have focused their efforts on hacking poorly protected online gaming accounts. Credentials stuffing attacks, phishing, brute force, keyloggers, and social engineering are used to get fraudulent access to the gamers’ accounts and then use them for different malevolent activities that vary from payment fraud and identity fraud to money laundering. Online gambling websites collect a lot of personal information from their players to verify their identity remotely. Unfortunately, this is precisely the kind of information needed for identity theft. There isn’t much difference between establishing your identity through...
read moreHardware Tokens for Azure MFA
There are currently two ways to implement an Azure hardware token for Azure Multi-Factor Authentication: With classic OATH tokens for Azure MFA with hard-coded secret keys, such as Protectimus Two. To make use of one of these you’ll need Azure AD Premium P1 or P2 license. With a programmable hardware token for Azure MFA Protectimus Slim NFC or Protectimus Flex which is a replacement for an authentication app from Microsoft. This Azure cloud MFA hardware token does not require a premium subscription account. In this article, we will describe how to set up both types of hardware tokens for Azure token-based authentication. All three devices can be bought here. Buy hardware token for Azure MFA Classic OATH hardware tokens for Azure MFA – how to set up Currently, Azure AD supports tokens with passwords not longer than 128 characters and password life-span of 30 and 60 seconds. Protectimus Two hardware OTP tokens fit these requirements. Once you choose and receive the Azure MFA OATH token you prefer you need to register your token with Azure. Below is the step-by-step guide on this simple process: Step 1. Prepare a CSV file that includes your UPN (user principal name), the serial number of the hardware token Azure MFA, the seed (secret key), time interval, make and model of the Azure AD MFA hardware token. Make sure to include a header row, the result should look something like this: Step 2. Once the CSV file is created and properly formatted it has to be imported. Go to Azure Portal and browse to Azure Active Directory, then to Security and to Multi-Factor Authentication. On the MFA page choose OATH tokens and click the “Upload” button. Upload your CSV file; the upload process might take a few minutes. Step 3. Click the “Refresh” button. If the CSV file was uploaded successfully you will see a list of your Azure AD hardware tokens, if the file had an error you will be notified on the same page: File uploaded successfully: File uploaded with errors: Step 4. Now you need to activate your Azure multi-factor authentication hardware token. If you have multiple tokens, you should activate them one by one. Click the “Activate” button at the lattermost column on the right and enter the password generated by the corresponding Azure MFA token. After that, click the “Verify” button. Step 5. Once the MFA server accepts your one-time password you will get a message confirming the activation of the Microsoft Azure token you selected from the list and there should appear a check mark in the corresponding “Activated” column. Now your token is successfully activated and can be used to log in. Step 6. 2FA settings in the user account. OATH tokens will be automatically set as a main 2FA method. NOTE! If any other 2-factor authentication method is registered for a user, they can use several two-factor authentication methods at once. For example, I activated a 2FA app Protectimus SMART as a 2FA methos, in this case, both one-time passwords from hardware token and 2FA app will work when I enter any of them in this field: If you want to use only a hardware OATH token for Azure 2-factor authentication, login to your account and deactivate other two-factor authentication methods. Go to your account settings...
read moreHow to Backup Google Authenticator or Transfer It to a New Phone
Our regular readers know that we strongly recommend applying two-step verification wherever it’s possible. In the contemporary world, where database leaks are a standing affair, two-step authentication is not an option, it is, in fact, a must. If you use two-factor verification, an intruder would need to get both the unique password you came up with, and the gadget, which produces the verification codes, to break into your account. Thus, two-factor authentication protects from brute force, keyloggers, most cases of phishing and social engineering. It also complicates man-in-the-middle and man-in-the-browser attacks. So why two-factor verification is still unpopular? Sure, it creates an extra step to take to log in, but most users omit it not because of this extra time and effort, but because they are afraid of losing access to their credentials if something goes wrong with their authentication devices. “As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace.” – Newton Lee, Counterterrorism and Cybersecurity: Total Information Awareness From all available options of one-time passwords generation or delivery (SMS, emails, hardware and software tokens) most people choose Google Authenticator or other similar applications like Authy, Protectimus Smart etc. Operating principle is pretty much the same for all the software OTP tokens – they generate authentication codes for logging into your account right on your smartphone. Buy Hardware Google Authenticator for $29.99 It’s very convenient to use the smartphone for two-factor verification, but there are always these nagging questions: What do you do if you lose the smartphone which generates your one-time passwords? What occurs if you switch smartphones, do you lose the entire account? How do you transfer Google Authenticator to a new phone? In this article, we will answer these nagging questions and help you protect your invaluable personal data. | Read also: How does 2-factor authentication work? 3 ways to backup Google Authenticator 1. Backup codes Google, as well as some of the other websites where you can protect your user account with two-step authentication, provides backup codes. These are the one-use codes that allow you to login into your account if you lose access to your OTP token. After you use a backup code once it’s gone for good. Most people print out these Google Authenticator backup codes and keep them at hand. It is imperative to understand that Google Authenticator is a multi-token, thus you can enroll many tokens for various websites using one app. Some of these websites provide backup codes, and a user can gain access to these websites if his/her smartphone is lost. But what do you do with the websites which do not support backup codes? Another point against Google Authenticator backup codes is – they are as secure as a password written down on a paper. An intruder can easily copy them if they are in physical vicinity and use them to gain access to your account. Granted, the intruder will have to be among your peers and know the user password, but you know… things happen. Other things that you might want to keep in mind when it comes to printed out backup codes: You do not have them at hand at all times You can lose the paper or destroy it by mistake Only a few services provide them Google Authenticator backup codes...
read moreTop 5 Two-Factor Authentication Products by Protectimus
Protectimus is one of the biggest and most reliable two-factor authentication providers. We’ve been developing cutting-edge 2FA solutions since 2014. Being a coordination member of the OATH Initiative for Open Authentication, Protectimus is one of the strongest voices in the propagation of ubiquitous strong authentication. The main problem Protectimus works on is perfecting multi-factor auth solutions, to make 2FA easier, cheaper, and safer for everyone. All the products we will list below fulfill at least one of those goals. Protectimus Winlogon This is one of the best 2-factor authentication solutions for Windows user accounts and remote desktops currently on the market. The Protectimus Winlogon 2FA solution provides access protection for computers running Windows 7, 8, 8.1, 10 and 11. It will also protect local or remote access to a terminal Windows Server 2012, 2016, 2019, 2022 over RDP. The most brilliant feature of Protectimus Winlogon is that it works even if the computer is not connected to the Internet. This is achieved with the help of backup codes. Normally, the Protectimus Winlogon component communicates with the Protectimus two-factor authentication server to validate one-time passwords. A network connection is required for that. So if the user is unable to connect to the Internet, they can’t log in to their account. But with the backup feature, the user can generate and save a backup code when installing the component. And then use that code instead of a one-time password to log into the account in offline mode. There are, of course, other features worth mentioning: Auto registration of users and tokens;Mass installation on several computers ;Better RDP access (2FA can be switched off for Windows with one-time password asked for RDP only; one- or two-factor auth can be set up for RDP);RDP access filtering with IP and IP access control;Different access policies for RDP and Winlogon;PIN support in Windows 10;Microsoft account support. Protectimus Winlogon setup does not require any special knowledge and can be done in about 15 minutes. The solution is perfect both for corporate and personal use. | Read more: Two-factor authentication for Windows 7, 8, 10, 11 Protectimus Slim NFC and Protectimus Flex These are the first programmable tokens on the market. These hardware tokens are available in card form (Protectimus Slim NFC) and key fob form (Protectimus Flex). Designed as a safer alternative for MFA applications, these devices can be used to protect almost any account. From Google and Office 365 to Azure MFA and 2FA Protectimus system itself. Programmable hardware tokens, unlike the classic ones, can have the seed programmed into the token by the end-user via NFC. These tokens work just like a multifactor authentication app. But the devices can be used to protect one account at a time. And they can be reused, namely, disconnected from one account and connected to another. As we’ve already mentioned, programmable hardware tokens are a much safer alternative to the MFA apps. The one-time passwords for MFA are generated not on the users’ smartphones, but on the tokens. And the tokens have no internet connection, they can not be infected by any viruses. Intercepting such a password is virtually impossible. Both Protectimus Slim NFC and Protectimus Flex come with the time synchronisation feature. This allows us to avoid the time drift problem, the common issue with all TOTP hardware...
read moreAdaptive Authentication or How to Make 2FA Convenient for Users
Any of us is interested in protecting confidential data from becoming the public domain on the web. Especially from people who are looking for such information for fraudulent purposes. The effective methods to avoid the invasion of online privacy are already known. And one of the most accessible ways is protecting access to your accounts with two-factor authentication. But… unfortunately, people don’t always use this option if it’s not mandatory. Just because two-factor authentication is not convenient. Adaptive authentication (or Intelligent Identification as we call it in Protectimus) is a way to organize two-factor authentication so that it becomes convenient for end-users. Adaptive authentication means analyzing behavioral factors typical for the user and asking for a one-time password only if a large number of mismatches is detected. Why nobody likes two-factor authentication Let’s imagine that every time you want to check what’s new on your Facebook account protected with 2FA, you have to go through a complete account login procedure: Enter your login and password. Then wait for an SMS with a one-time password or use your token to generates it. Then, you also need to enter this one-time password into the login form. How much time will this procedure take? And all this is just to browse the news and messages from friends? According to the NordPass research, an average Internet user has around 80 accounts protected with passwords. Of course, people are not ready to follow the procedure described above every time they want to enter their accounts on every website they use. Especially if we talk about the services used many times a day, like social networks or email. That is why users always choose between simplicity and security and often not in favor of the latter. To make the authentication process more user-friendly, adaptive authentication has been invented – an authentication based on behavioral factors analysis. | READ ALSO: SMS Authentication: All Pros and Cons Explained What is adaptive authentication The system of adaptive authentication keeps a record of certain parameters of the device a person uses to access their account. If the analysis of the behavioral factors shows the typical behavior of the user, the login is automatic. And if one or more of them violate the usual ‘course of events, the request for additional confirmation of the user’s identity is needed. In the case of two-factor authentication, it is required to enter a one-time password. For example, let’s recall what happens when you log into your Gmail account. If you use the same device and the same browser, you don’t need to enter your credentials every time you check the mail. But when you try to log in to Gmail from another computer or another browser on the same device, the system will necessarily require entering your password. Sometimes you will also need to answer a secret question or use your OTP token if two-factor authentication is enabled. Google will even send a message about a suspicious sign-in attempt The basis of adaptive authentication consists of behavioral characteristics relatively constant for each user. Among the parameters monitored by the system can be the following: name and version of the browser;the list of installed plug-ins;IP address, location of the computer;the input language;typical session time, a list of opened tabs and other behavioral characteristics of...
read moreHow to Enable Protectimus Self-Service Portal
The Protectimus two-factor authentication service and on-premise platform offer a self-service feature that allows users to independently perform a number of actions related to issuing and managing their OTP tokens and their own data. The system administrator determines which actions are available to users. The list of possible actions includes: registration of new tokens;registration of existing tokens;re-assigning the tokens;unassigning the tokens;tokens synchronization;PIN setup;removing PIN;creating passwords;changing passwords;changing email addresses;changing contact phone numbers;changing logins;changing first names and last names;managing user environment. In this article, we’ll show you how to enable the Protectimus Self-Service Portal. No matter which type of authentication server you choose – the Protectimus SAAS Service or the Protectimus On-premise Two-Factor Authentication Platform, the process of enabling the self-service portal is the same. | Read also: On-Premise 2FA vs Cloud-Based Authentication Important to Know Before Enabling the MFA Self-Service Portal The self-service portal must be enabled and configured separately for each resource. Users must be assigned to an appropriate resource in order to have access to the self-service portal. Users must additionally have a password in Protectimus system or an email address on record. A verification code will be sent to the registered email address to allow users to log into the portal. If a user has both a password and a registered email address, that user will use the password to log in. After a token is issued for a user and assigned to a resource, the user will also be asked to input a password from the token when logging in. You can specify a password, email address, and other information when creating a user. You can also edit existing user records. To edit a user’s information, find them in the list of users and click the user’s login. After doing so, you’ll be taken to the page for viewing user’s detailed information. Next, navigate to the Actions tab and click the Edit button. Make any necessary changes and save them. Some add-on components, such as Protectimus RProxy, can automatically create users that are preconfigured to use the self-service portal. For example, this occurs when RProxy is set up for Citrix NetScaler Gateway. Enabling the Protectimus Self-Service Feature Navigate to the Self-Service tab To enable the self-service feature, open the resource detailed information page by clicking its name in the resource list. Then, navigate to the Self-Service tab. Specify the address at which users will access the portal When you click the link labeled “Enable User’s Self-Service for This Resource,” a window will appear where you can specify the address at which users will access the portal, as shown below. Enter just the final portion of the address, the portal alias, in the field. The full address to the portal will be the authentication server address plus the alias you specified. For example, if you’re using the Protectimus SaaS service, and you specify “portal” as the alias, the link you give to your users will look like this: https://service.protectimus.com/selfservice/portalIf you are running your own instance of the authentication platform on your own premises, the “service.protectimus.com” portion of the address will be replaced with the address to your platform instance. For example: https://localhost:8080/selfservice/portal Set up the list of actions available to users in the self-service portal After clicking Save, you’ll see the list of actions available to your...
read more5 Steps to Prepare your Business for Multifactor Authentication
MFA is usually viewed as a sensible thing to have, and indeed, sometimes your partners or regulators can request setting multifactor authentication up before you can start operating at full capacity. Well, let’s dive into the main specifics of it! So, you are weighing all pros and cons regarding the implementation of MFA authentication in your business. And naturally, you are leaning towards making the best use of it. Setting multi-factor authentication up can be a daunting task, and we’re here to cover all you’d ever need to know about it: What Is MFA and How It Improves Your Business Security Let us first define what is multifactor authentication in general terms, and how it can help you to protect your business. MFA adds additional protection layers to any authentication attempt your employees and users will make to assign to their accounts. Multifactor authentication is a combination of two or more different authentication factors that your trusted users would use to access their accounts: Knowledge-based, aka passwords and secret questions. Most of the data on the Internet is protected by passwords and choosing a good password can be a challenging task in itself. Learn how to choose a strong password that is easy to remember here. Inherence-based, aka biometrics. This one can include fingerprints, voice recognition, and other biometric data. Possession-based, aka additional stuff that you (and only you) might have. It’s usually a small device that generates one-time passwords — OTP token, a phone, or, for example, a banking card. Also, some additional authentication factors can be used over and above the classic three: Location-based, aka IP verification or geographic filters. It tries to utilize the information regarding the proximity of a device and/or its user regarding other devices that are usually used in the authentication. One particular example here would be checking the network the authentication attempt comes from and comparing its parameters to some trusted value. Action-based, aka adding a requirement for a user to participate in some sort of distinct activity. For example, filling out a CAPTCHA. As you see, multifactor authentication can be a very versatile tool, and it depends on the needs of your particular business which authentication methods to choose. Your chosen MFA solution and types of authenticators will depend on the needs of your particular business which are some very particular things, such as the number of your employees; their degree of personal compliance and responsibility; the laws of the country that your office is stationed in; the sensitivity of the data you utilize; the type of service you provide for your clients, and the possibility of THEM losing any of their data when interacting with your business; any sort of certifications that your line of work might demand (such as PCI DDS for finances or HIPPA if you work in healthcare). So, before setting up any solution you must have this information prepared and organized. And there is always an important thing to keep in mind: MFA can protect your data from malicious actors, but it won’t protect it against destructive negligence. As it asks from its users for more involvement, they tend to do ever less. You must efficiently balance asking and delivering: your chosen solution must be secure enough to do its job, and unobtrusive enough to keep...
read moreSecuring VPN with Two-Factor Authentication
VPN, or virtual private network, is a popular and proven security tool used by companies across the globe to protect remote access to their corporate networks, especially today when almost every company switched to remote work, at least in part. VPN allows the creation of an encrypted link between a user and the company’s private server. And while this secures the corporate infrastructure from the direct attacks of malicious agents, VPNs themselves are still open to hacker intrusion. Here’s where VPN two-factor authentication comes into play. Multi-factor authentication, or MFA, mitigates multiple VPN security risks, protecting the VPN from unauthorized access in case of user credentials theft. Let’s take a closer look at how MFA allows you to establish the best VPN security, how you can set up VPN two-factor authentication, and which VPN authentication methods to choose. Add two-factor athentication to your VPN via RADIUS Why You Should Add 2FA to VPN Connections Let’s consider four main reasons you need to secure your VPN connection with two-factor authentication. 1. VPN Two-Factor Authentication Protects Against Phishing Attacks Among the main reasons you should ensure additional VPN security is the trend of phishing attacks, which are successfully performed by criminals in up to 17% of cases, according to the Duo report. Phishing is a social engineering technique when a hacker contacts a person either via email, SMS, or a phone call, pretends to be a reputable organization representative, and persuades their victim to provide their credentials. Often the phishing email or message may contain an attachment with malware or a link that leads to the fake website, anyway, the main goal of the hacker, who performs the phishing attack is to get the user credentials. If the phishing attack is successful, the hacker may get the login and password required to connect to the corporate system through the VPN. Then, the hacker would be able to enter this user’s profile, and install the malware, or steal sensitive data from the server computer. An extra layer of authentication guarantees that the network cannot be breached by outside players, even if they possess the stolen credentials. VPN two-factor authentication verifies the identity of the user not only by a single password but by a time-based one-time password. It is much harder to steal and use such a one-time password as it’s valid only for 30 seconds, thus guarding against phishing and other security threats (brute force, keyloggers, MITM attacks, etc). If this shows how your relationship is with your employees then you’re doing it wrong. #phishing #employeesstrongestlink pic.twitter.com/sWswvxaeya— Chief Security Protector of Legal Things (@christiantoon) February 14, 2021 2. Two-Factor Authentication Is Required to Reach the Compliance Conditions While two-factor authentication is helpful for every company that uses VPN for security, some need it more than others. The security regulations instruct the companies to ensure a certain security level. For instance, the PCI DSS (Payment Card Industry Data Security Standard) dictates that organizations should actualize two-factor authentication for network access. Using two-factor authentication is also advised for HIPAA (Health Insurance Portability and Accountability Act) conformity. If you’re in the finance or healthcare sector dealing with sensitive data, VPN 2-factor authentication will help you keep your clients’ data private and make sure it does not fall into the wrong hands. 3. VPN 2FA...
read moreRemote Work: Dream or a Threat?
Remote work is a blessing for some people and a real curse for others. In this article, we have collected all the tips to help you organize remote work in your company. We are talking about task trackers, modern communication tools, and the organization of remote access to corporate servers at the same time. We used all our experience to make this difficult task easier for you. What’s important, when organizing a home office for your employees, you should think about cybersecurity. We are ready to help you with risk management to avoid potential hacker attacks and protect all remote network connections from third-party interference. In this article, you’ll find all the answers to feel safe during the COVID-19 remote work (if you’re wearing your mask appropriately, of course). 2020 changed the usual routine for many companies. IT giant Microsoft has sent over 80% of its employees to work from home. Amazon, Facebook, Google, Uber, Twitter, Apple, are no exception. The part of our team is working remotely as well. Some business owners perceive this trend as a real challenge, forcing them to make difficult decisions. We propose to consider this as an opportunity. What if you’re already optimizing your resources and learning about new remote workstation software? It’s time to use absolutely all resources so that the inevitable economic crisis does not become a blow to your company. Table of contents Tools you need for remote workSoftware for remote accessCloud servicesMessaging appsTask managers and Customer Relationship Management systemsSoftware for video calls, presentations, and conference callsIT security threats you should be aware of to work remotelyLeakage of confidential informationMalwareUnauthorized accessCybersecurity: Where do you start?Remote connection protectionTwo-factor authenticationHow to set up two-factor authentication for RDPHow to choose OTP tokens for work from homeSecurity Policies Tools you need for remote work Organizing the work at home, you should provide your employees with all the necessary tools: the software they will use to access their workplaces remotely, such as RDP and VPN clients, etc.;tools they will use to work with the documents remotely, such as cloud services;and services they will use for communication, such as messaging apps, video conferencing software, task managers, and CRM. Let’s delve deeper into this topic and understand what exactly do you need. Software for remote access The first thing you should think about is what will your employees use while working from home? If your team uses corporate laptops, they can simply pick them up from the office for the quarantine period. But what if they are used to working with desktops? Don’t panic, it’s 2020. Remote access is not rocket science these days. Before you get your feet wet, remember that each OS has its characteristics, and you should consider them: Windows. All you need is the Microsoft Remote Desktop which is used to open access to the computer remotely over RDP (Remote Desktop Protocol). It should be already available in your operating system. If not, install Remote Assistance from Microsoft. We explain how to set up an RDP connection securely here. macOS. Apple users can use a regular Screen Sharing app, Chrome’s remote desktop connection, or third-party programs. Linux. TeamViewer, AnyDesk, and similar software are perfect for working under this operating system. Note that large companies can go even further. Citrix, VMWare, and Cisco offer...
read moreNew Programmable TOTP token Protectimus Flex
Listen to this article You asked, and we delivered – the new programmable TOTP token Protectimus Flex in a key fob format is already here! Unlike our other popular programmable hardware token Protectimus Slim NFC, the new Protectimus Flex TOTP token comes in the form of a key fob. This makes our latest two-factor authentication hardware token more comfortable to use, and more durable. The security token can easily be fastened to your keys, this way you won’t forget it, or lose it. There is a bonus feature in the new gadget — it has a battery indicator. This makes it easier to understand when it’s time to order a replacement. Order OTP token Protectimus Flex Similar to Protectimus Slim NFC, the new hardware token device requires an Android phone with NFC to burn the secret key (seed) into the device. Protectimus Flex supports secret keys no longer than 32 symbols in the Base32 numeral system. And the new TOTP authenticator can generate OTP passwords for any website that supports MFA apps, so you don’t have to install Protectimus MFA platform to work in conjunction with it. How the new TOTP hardware token Protectimus Flex works A hardware security token is typically a small device with a window display. These gadgets are roughly divided into two types: So-called classic tokens, they are delivered with the seed hardcoded and the user cannot change it.And programmable ones, a programmable TOTP token is designed for a seed to be written into it multiple times. Simply put — programmable physical token functions just like any MFA app software token (but note that unlike an MFA app one programmable hardware token can store only one secret key). These devices are safer than an app, since a one time password is generated not on a smartphone, but on a device which has no Internet connection, thus, cannot be infected by any viruses. So programmed hardware token authentication often replaces those apps for better-safeguarded OTP authentication. Besides, programmable TOTP token Protectimus Flex supports time synchronization feature. When you add the secret key into the token, the Protectimus TOTP Burner application automatically sets the exact current time on the token. This feature allows avoiding the time drift problem that is a common thing with TOTP hardware tokens. Physical programmable tokens are our specialty. And while Slim NFC is in high demand, its form factor of a card is slightly uncomfortable for some customers. Form is the main difference between Slim and Flex, the mode of action of both devices is the same. We’ve already written about the TOTP algorithm, which the programmed tokens operate on. If you want to know every detail behind TOTP you can read it here. And for a better understanding of the distinctions between classic and programmed physical tokens, as well as a detailed description of a programmable device we’d like to refer you to this article. Which sites can Protectimus Flex hardware 2FA token be linked to? A seed no longer than 32 Base32 symbols can be added into the programmable OTP hardware token Flex. The gadget can be used for TOTP MFA setup for one website, app, or service at a time. So, if the website aligns with these criteria then this TOTP hardware authenticator can be utilized for this website....
read more