Register now or log in to join your professional community.
In general the two factor authentication is exactly as what Mr. Yassine Esserkassi has explained in his answer.2Factor Authentication (2FA) is like using something like smart cards, one-time passwords or anyother method along with the usual username and password authentication. But in windows servers this could also be useful when using Remote Desktop (RD) WebAccess, where you share your whole desktop on internet. You can achieve these feature using RD webaccess servers along with RD Gateway. The below will take you through much more details regarding this.
http://technet.microsoft.com/en-us/library/cc770330.aspx
http://microsoftplatform.blogspot.in/2011/06/what-new-features-or-improvements-would.html
http://microsoftplatform.blogspot.com/2011/05/force-use-of-rd-webaccess-block-direct.html
I am agree with all of them about Two factor authentication. The purpose of this Authnetication is to provide hard core security to your credentials. Now a days Using only username and passwords for authentication is no more a secured way to protect systems or services. we need some thing more than username and passwords like biometric readings, smart cards, one time passwords-OTP through SMS or email. All these aims to prevent unauthorized access.
Authentication is a method of access control to a system. A user can pass the authentication by providing the authentication factor(s) such as the password (only the user knows it) (knowledge factor) or an ID (only the user has it) (possession factor) or a fingerprint (only the user has it) (inherence factor). All these factors are used to apply security in access control.
Two factor authentication helps protect your account by making it more difficult for a hacker to sign in, even if they've somehow learned your password. The second factor prompts you to enter a security code to sign in. This security code can be sent to your phone or your alternate email address, or you can obtain one through an authenticator app on your smartphone or any other3rd party security method such as smartcards, usb dongles etc.
Since the evolution of database hacking & intrusion techniques, the simple authentication has become vulnerable. The two factor authentication has been introduced as a strong and secure way to authentify a authorized user, because it adds another element of authentication to your simple authentication method. It's based not only on informations that you should know (like a username/password), but also, on an element that you should have, for example, a smartphone, a card, etc. Now, the two-factor authentication requires you to provide two elements of authentication instead of one to prove who you really are. A simple example of this technique in our everyday life is the credit card, in order to access your bank account, you need to use something that you have (your credit card), and something that you know (your pin code). Even if it's stolen, the thief cannot access you bank account. This way, it's more secure, and simple to use. Hope my explanation helps.
Two-factor Authentication is a method of strong authentication requiring two different forms of identification instead of the traditional single password.
Two-factor authentication solves a lot of problems. Some of them include:
Given all of the advantages of two-factor authentication, you have to wonder why it’s not universally deployed on all networks, regardless of size. There are several reasons why this is the case, the two major ones being:
