multi-factor authentication in password resets

Turn mobiles into high-trust devices

(Last updated on August 2, 2018)

Passwords have well-known drawbacks for user authentication. They are hard to remember and easy to hack. Organizations are increasingly adopting two-factor or multi-factor authentication to strengthen passwords and safeguard online information.

The high-trust device in your pocket

It the past, hardware tokens have been a common method for multi-factor authentication but this comes with high purchase and distribution costs. Moreover, when users use more than one multi-factor authentication system, they are required to carry various hardware tokens which are likely to get lost or stolen.

Forget about expensive hardware tokens or weak security questions – you have a high-trust security device already in your pocket. Mobile phones can provide multi-factor authentication to identify users for secure process such as resetting passwords.

High-trust security devices

A more economical and secure alternative is the mobile phone. Mobile phones are widely used today and accordingly to the forecast by the telecom vendor, Ericsson, there will be nine billion mobile phones in 2017. By replacing the traditional hardware tokens with something the majority of people already have, you are taking advantage of existing hardware without any additional investments. Using mobile phones as the second authentication factor also increases security because people are less likely to lose them.

What are the ways you can use mobile phones for multi-factor authentication?

  • Mobile one time password (OTP)

The user will launch the application that generates an OTP that is valid for a limited time to get access.

  • Mobile Verification Code

Similar to OTP, but instead of clicking on an application, users make a request and receives a mobile verification code via an SMS message. After providing their passwords and the mobile verification code, they can then proceed to resetting their passwords.

Self service password reset vendors that leverage mobile phones as an authentication method increase security and lower costs. Specops uReset ™, a self service password reset tool, turns mobile phones into higher-trust security devices and fends off hackers with the need to obtain both the password and the mobile phone.

Does added security need to drive up costs? No! Specops uReset uses mobile phones as a second form of authentication and therefore does not incur the cost of acquiring and managing hardware tokens. It allows admin to automatically enroll users with their mobile phones numbers saved in Active Directory. Users can start using Specops uReset without going through an enrollment or registration process first.

Tags: , , ,

Back to Blog