Put The User In Control
At any time end users can choose to change their token type to any type allowed by your security team. Switching to a new type or re-enrolling an existing type automatically deletes the old method from the server. Upgrading your smart phone is simply a case of authenticating with your old phone and enrolling your new one. The old phone is then safe to sell on as passcodes on them are no longer valid.
Each authentication sends the next required one time code so there is always one available, the new code is inserted into the old message.
Ideal for users with intermittent phone signal or who experience delays receiving SMS messages.
SMS Real Time
The one time code is sent after the user enters their pin or password as a “Flash” message that is displayed directly on the phone screen.
Ideal for users that only authenticate occasionally or that always have a signal when authenticating and don’t experience SMS delays.
SMS Three Codes
Three one-time codes are sent in each SMS message, used codes are dynamically replaced within the same message.
Recommended for users that maybe out of range of a phone signal for multiple days.
Reusable codes are sent every 1 – 90 days (configurable) at a fixed time of the day and can be reused for the configured number of days + 24 hours to allow for delivery delays.
This method is recommended for users authenticating many times a day who could be out of range of a phone signal for long periods of time.
Soft Token for laptops (Microsoft / Mac)
User has an icon in the bottom right (Windows) or top menu bar (Mac). When pressed it displays a one-time code that changes every 30 seconds.
Recommended for users with desktops or laptops that only authenticate from this device or always carry their laptop with them. More info…
Voice Call (coming in version 7 Q1 2013)
The user first enters their pin or passcode, after which a six digit passcode is displayed. At the same time a phone call is automatically made. The user answers the phone and enters this passcode on the phones keypad.
Recommended for users that only have access to a land line or don’t have a smart phone and can’t receive SMS reliably.
Each authentication emails the next required one time code so there is always one available. Emails are sent via TLS encryption if supported by the recipient’s mail server.
Ideal for users that can access email before authentication and trust the email environment for example Blackberry users.
Email Real Time
A one-time code is emailed after the user enters their pin or password. Emails are sent via TLS encryption if supported by the recipient’s mail server.
Ideal for users that can receive emails without delay before authentication and trust the email environment.
Email Three Codes
Three one time codes are sent in an email message after each authentication.
Recommended for users that may not be able to update their email for multiple days.
Reusable codes are emailed every 1 – 90 days (configurable) at a fixed time of the day and can be reused for the configured number of days + 24 hours to allow for delivery delays.
This method is recommended for users with access to email before authenticating that login many times a day or may not be able to update their email for long periods.