I was talking about how I wanted to integrate the 2FA (two factor authentication) into my Windows Home Server. As luck may be, there is a third party plug available from:
TwoFactor WHS
http://twofactorwhs.codeplex.com/
I had evaluated it and concluded that it is nothing more than just changing the index.html on the web server actually. However, the biggest hurdle here is that the solution I wanted to integrate does not work with this plugin:
PhoneFactor
http://www.phonefactor.com/
According to a post. it is "suggested" to the developer by probably another developer from PhoneFactor to integrate this:
http://twofactorwhs.codeplex.com/Thread/View.aspx?ThreadId=61471
Looks like its more work for me. I probably have to to some work to get PhoneFactor working.
Ok, let's take a look why I want to use PhoneFactor.
Firstly, its using Phone as a authentication mechanism, which is OOBA (Out-Of-Band authentiocation). This word is going to get even more popular soon than 2FA. Because ultimately, traditional 2FA (SMS, token etc) still uses the same channel (application, web) to perform the second level authentication. However, PhoneFactor uses the phone. It is kind of a IVS actually. But I never said this require a very complicated solution.
So, secondly, PhoneFactor actually offers a pack for 25 users for FREE. And this fits nicely into WHS, because the cap for the WHS is only 10 users.
Thirdly, it offers FREE calls in some countries listed here:
http://www.phonefactor.com/products/global-services
And well, ok, my country is listed here. So, it is much more cost saving. Actually, to be honest, if I had to pay a cent for 2FA, I probably wont even think about it.
Lastly, it is token free. This is just not so handy (and costly) to have a token etc. The phone, I always have with me.
So, after kinda "selling" for PhoneFactor, maybe you are also interested to try it out for some of your application and share your experience?
No comments:
Post a Comment