<\/p>\n\n\n\n
<\/p>\n\n\n\n
How 2-Factor Authentication Works<\/strong><\/h2>\n\n\n\nUnlike single-factor authentication, which requires only a passcode, multi-factor authentication requires two, or all three of the next determinants:<\/p>\n\n\n\n
- Something you know, which is your user password<\/a>;<\/li>
- Something you possess, which is your MFA security device or token<\/a>;<\/li>
- Something you are, or your biometrics<\/a> for TouchID, FaceID, and the like.<\/li><\/ul>\n\n\n\n
For MFA authentication to validate the user’s identity, the user’s token and multi-factor authentication server are required to share a secret key. So, any OATH 2FA authentication<\/a> will work like this:<\/p>\n\n\n\n- The server and the user share a secret seed.<\/li>
- The user logs in the application or website protected with MFA and enters the user login credentials.<\/li>
- What happens next rests on the 2FA algorithm used. Either the user’s token mixes its secret key with the running time (TOTP<\/a>), or with a counter (HOTP<\/a>), or utilizes the challenge\/response algorithm (OCRA<\/a>). The token then provides the end-user with an OTP to enter on the protected website.<\/li>
- The server goes through the same key+counter\/time\/challenge process and compares both values. If the values received from the token and the server are the same, the user is granted access.<\/li><\/ul>\n\n\n\n
![\"How](\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/10\/2-factor-authentication.png\")
<\/figure><\/div>\n\n\n\n<\/p>\n\n\n\n
And, as we’ve already established, a two-factor authentication vendor can set up an MFA server either in the cloud or locally in the client’s environment. Now let’s look closer into cloud vs on-premise multi authentication.<\/p>\n\n\n\n
<\/p>\n\n\n\n
| Read also:<\/span> Two-Factor Authentication Solutions Comparison: Google Authenticator vs. Protectimus<\/a><\/p>\n\n\n\n<\/p>\n\n\n\n
On-Premise 2FA Pros and Cons<\/strong><\/h2>\n\n\n\nMost 2-factor authentication providers offer on-premise solutions to those clients who need full control over all their systems and operations and have rigorous security policies. Local multi-factor authentication software installation allows the utmost protection for your server and your users. An on-premise 2FA server does not require any connection to the Internet and other outside networks, thus you can set it up on an isolated network.<\/p>\n\n\n\n
![\"Protectimus](\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/Protectimus-on-premise-platform.png\")
<\/figure><\/div>\n\n\n\n<\/p>\n\n\n\n
With on-premise 2FA not only do you have the fullest control over the system’s operations, databases, and all the sensitive data, you also have full knowledge of the platform’s equipment. This gives you many advantages, starting with the confidence in the system’s efficiency, and ending with the ability to quickly fix any issues if they occur.<\/p>\n\n\n\n
Naturally, local MFA setup comes with all the reporting tools you might require, including those for gathering stats, managing users and secret keys, etc. And if you need any custom features Protectimus team can add them for you.<\/p>\n\n\n\n
We can not say for every 2FA provider on the market, but the Protectimus On-premise Platform<\/a> is very versatile. The platform runs on any major operating system like Windows, Linux, FreeBSD, etc. And it supports Google Chrome, Mozilla Firefox, Internet Explorer. We comply with every industry standard and uphold all the major OTP algorithms (HMAC, HOTP, TOTP, OCRA).<\/p>\n\n\n\nOf course, there are drawbacks. You will have to spend quite a lot of time, money, and effort to set up the environment for an on-premise 2FA server. You will then have to maintain it, which requires time and qualified human resources.<\/p>\n\n\n\n
<\/p>\n\n\n\n
| Read also:<\/span> Active Directory Two-Factor Authentication with Protectimus DSPA<\/a><\/p>\n\n\n\n<\/p>\n\n\n\n
Cloud-Based Two Factor Authentication Pros and Cons<\/strong><\/h2>\n\n\n\nFor a smaller sized business, there are a lot of pros in cloud-based authentication solutions. Cloud authentication service, often referred to as SAAS authentication, does not require quite as many resources as an on-premise multifactor authentication service. You do not have to set up an environment for it, get expensive equipment, and hire experienced personnel to maintain it all. A cloud service MFA server component is ready to use out of the box.<\/p>\n\n\n\n
![\"Protectimus](\"https:\/\/www.protectimus.com\/blog\/wp-content\/uploads\/2020\/06\/Protectimus-cloud-service.png\")
<\/figure><\/div>\n\n\n\n<\/p>\n\n\n\n
Two-factor authentication SAAS is fast, modern, and convenient. The integration cloud service from Protectimus offers is very quick and painless, all you need to do is register and start the integration.<\/p>\n\n\n\n
Another plus to cloud MFA is the cost of the service itself, you pay only for the things you actually use. Protectimus two-factor authentication cloud service<\/a> can be deactivated at any time. You can also modify the service plan whenever you find it necessary.<\/p>\n\n\n\nAs with the on-premise solution our cloud two-factor authentication service comes with all the tools you will need for reporting, monitoring, and managing.<\/p>\n\n\n\n
Of course, as with everything else, there are downsides. You have to be absolutely sure about your cloud service provider. If your business has government security regulations to consider, cloud might not be within those regulations. You do not have any control of the equipment, downtime, and other unforeseen issues. We at Protectimus do everything to make sure our SAAS authentication and authorization service runs 24\/7 with no hiccups, but no one is completely immune.<\/p>\n\n\n\n
<\/p>\n\n\n\n
| Read also:<\/span> Duo Security vs Protectimus<\/a><\/p>\n\n\n\n<\/p>\n\n\n\n
Conclusions<\/strong><\/h2>\n\n\n\nBoth on-premise and SAAS MFA server solutions are easy to integrate, both support every 2FA algorithm and all types of tokens, both options are secure. So how do you choose which one to go for?<\/p>\n\n\n\n
Consider the size of your company, the resources you are ready to part with, the amount of control you require, and the customizations you might need.<\/p>\n\n\n\n
For MFA authentication to validate the user’s identity, the user’s token and multi-factor authentication server are required to share a secret key. So, any OATH 2FA authentication<\/a> will work like this:<\/p>\n\n\n\n <\/p>\n\n\n\n And, as we’ve already established, a two-factor authentication vendor can set up an MFA server either in the cloud or locally in the client’s environment. Now let’s look closer into cloud vs on-premise multi authentication.<\/p>\n\n\n\n <\/p>\n\n\n\n | Read also:<\/span> Two-Factor Authentication Solutions Comparison: Google Authenticator vs. Protectimus<\/a><\/p>\n\n\n\n <\/p>\n\n\n\n Most 2-factor authentication providers offer on-premise solutions to those clients who need full control over all their systems and operations and have rigorous security policies. Local multi-factor authentication software installation allows the utmost protection for your server and your users. An on-premise 2FA server does not require any connection to the Internet and other outside networks, thus you can set it up on an isolated network.<\/p>\n\n\n\n <\/p>\n\n\n\n With on-premise 2FA not only do you have the fullest control over the system’s operations, databases, and all the sensitive data, you also have full knowledge of the platform’s equipment. This gives you many advantages, starting with the confidence in the system’s efficiency, and ending with the ability to quickly fix any issues if they occur.<\/p>\n\n\n\n Naturally, local MFA setup comes with all the reporting tools you might require, including those for gathering stats, managing users and secret keys, etc. And if you need any custom features Protectimus team can add them for you.<\/p>\n\n\n\n We can not say for every 2FA provider on the market, but the Protectimus On-premise Platform<\/a> is very versatile. The platform runs on any major operating system like Windows, Linux, FreeBSD, etc. And it supports Google Chrome, Mozilla Firefox, Internet Explorer. We comply with every industry standard and uphold all the major OTP algorithms (HMAC, HOTP, TOTP, OCRA).<\/p>\n\n\n\n Of course, there are drawbacks. You will have to spend quite a lot of time, money, and effort to set up the environment for an on-premise 2FA server. You will then have to maintain it, which requires time and qualified human resources.<\/p>\n\n\n\n <\/p>\n\n\n\n | Read also:<\/span> Active Directory Two-Factor Authentication with Protectimus DSPA<\/a><\/p>\n\n\n\n <\/p>\n\n\n\n For a smaller sized business, there are a lot of pros in cloud-based authentication solutions. Cloud authentication service, often referred to as SAAS authentication, does not require quite as many resources as an on-premise multifactor authentication service. You do not have to set up an environment for it, get expensive equipment, and hire experienced personnel to maintain it all. A cloud service MFA server component is ready to use out of the box.<\/p>\n\n\n\n <\/p>\n\n\n\n Two-factor authentication SAAS is fast, modern, and convenient. The integration cloud service from Protectimus offers is very quick and painless, all you need to do is register and start the integration.<\/p>\n\n\n\n Another plus to cloud MFA is the cost of the service itself, you pay only for the things you actually use. Protectimus two-factor authentication cloud service<\/a> can be deactivated at any time. You can also modify the service plan whenever you find it necessary.<\/p>\n\n\n\n As with the on-premise solution our cloud two-factor authentication service comes with all the tools you will need for reporting, monitoring, and managing.<\/p>\n\n\n\n Of course, as with everything else, there are downsides. You have to be absolutely sure about your cloud service provider. If your business has government security regulations to consider, cloud might not be within those regulations. You do not have any control of the equipment, downtime, and other unforeseen issues. We at Protectimus do everything to make sure our SAAS authentication and authorization service runs 24\/7 with no hiccups, but no one is completely immune.<\/p>\n\n\n\n <\/p>\n\n\n\n | Read also:<\/span> Duo Security vs Protectimus<\/a><\/p>\n\n\n\n <\/p>\n\n\n\n Both on-premise and SAAS MFA server solutions are easy to integrate, both support every 2FA algorithm and all types of tokens, both options are secure. So how do you choose which one to go for?<\/p>\n\n\n\n Consider the size of your company, the resources you are ready to part with, the amount of control you require, and the customizations you might need.<\/p>\n\n\n<\/figure><\/div>\n\n\n\nOn-Premise 2FA Pros and Cons<\/strong><\/h2>\n\n\n\n
<\/figure><\/div>\n\n\n\nCloud-Based Two Factor Authentication Pros and Cons<\/strong><\/h2>\n\n\n\n
<\/figure><\/div>\n\n\n\nConclusions<\/strong><\/h2>\n\n\n\n