EFY Times  
Saturday, November 22, 2014

 
GO
 
 

Tokenless Two-Factor Authentication Defies “Heartbleed”
 
Home >> Infotech >> Technology
 
Tokenless Two-Factor Authentication Defies “Heartbleed”  
 
   
Rate this news:  (0 Votes)
Thursday, April 17, 2014 The existence of Heartbleed, a vulnerability in the OpenSSL open source software, was recently announced. The OpenSSL encryption tool is used worldwide on countless websites, which means the loophole can be used by hackers to access data stored on computers, such as passwords, certificates, etc., even if the websites utilise encryption with the https protocol. But unauthorised access via stolen user identities is prevented by the tokenless two-factor authentication procedure from the developer SecurEnvoy. None of the solutions from this manufacturer have such security vulnerabilities, as they do not make use of OpenSSL.






In other words, users of the tokenless two-factor authentication method are not compromised. Quite the contrary in fact - "the SecurEnvoy solutions can also provide protection when used together with products from other manufacturers that are affected by Heartbleed," comments Andy Kemshall, Technical Director at SecurEnvoy. "This is because, at best, cyber criminals would only be able to capture single use passcodes from computer memories. But these are valid only once and would have already expired, i.e. ceased to be functional."

Using SecurEnvoy solutions, users can unambiguously identify themselves without the need for additional, dedicated tokens; this is because mobile devices such as smartphones and tablets are used as authentication tools. The passcodes required for authentication purposes are sent via SMS, e-mail, landline call, QR code scanning or a soft token app. Because of this tokenless approach, the solutions can be installed very quickly.

Two-level seed records maximize security

SecurEnvoy ensures this high level of security by dividing the seed record, which is a special algorithm used to create the one-time passcode. The user needs such a numerical code in order to login using tokenless two-factor authentication – the passcode is combined with personal login details in order to grant access, with only the correct combination allowing the login to succeed. At no time is SecurEnvoy itself in possession of information about the seed records and passcodes that are generated. Instead, part of the record is generated locally on the client's server, while the second part is defined using characteristic properties of the mobile appliance used. This effectively forms a "fingerprint" consisting of information about the SIM card, the CPU or equivalent. Each time the user requests a passcode, the user’s appliance decrypts the first part of the seed record and defines the second part.



Print Email Post Comment 
(Total Views: 308)
 
Share

 
 
Infotech News
   
Microsoft Invites Media At 26 November Event, Likely To Launch Lumia 535
ANSYS Releases New Version Of Spaceclaim
Now You Can Control Your Online Identity Yourself Very Soon, Courtesy Indie Hosters!
Confirmed: Xiaomi Redmi Note To Hit Indian Markets In December
YotaPhone Receives An Impressive Price Cut, Available For Rs 17,999 Now
 
 
 
     
     
     
     
     
     
Most popular
 

Daily

Weekly

Beware WhatsApp Users! This Service Is Boosting Divorce Rates A Lot!
Beware WhatsApp Users! This Service Is Boosting Divorce Rates A Lot!
8 Killer Tools To Make Your App Development Experience Best Ever!
Here Comes Prynt – A Smartphone Case Which Comes With Instant Printing Technology!
Know 7 Best Ways To Land A Job Opportunity At A Coding Contest
10 Necessary Open Source Security Tools
All Windows Phone 8 Lumia Handsets To Get Windows 10 Update Soon!
Another Android 5.0 Lollipop WiFi Bug Reported By Nexus Users!
10 Best JavaScript Libraries For Building Charts And Graphs
Posco Explores Expansion Opportunities In Gujarat!
BlackBerry Classic Available For Pre-Orders!
15 Amazing Open Source Alternatives For Expensive Software
Xiaomi Redmi Note To Arrive In India Soon
Facebook's Updated Privacy Policy: 5 Points In Main Focus
More About MEIL-Established 50MW Solar Power Plant In Anantapur
Microsoft Unveils Preview Of Azure Operational Insights Service
A Guide For Beginners, Planning To Start First Electronics Project
 
   

Overall

Features
8 Most Useful Ajax And PHP Based Webmail Clients
These clients offer excellent user interface and sophisticated privacy protection and it allows users view HTML formatted email messages easily....
7 Best Free Archive Managers For Linux
Here we have compiled a list of seven best archive managers which can be used on daily basis....
8 Cyber-Crime Predictions For The Year To Come – 2015
So let's take a look at what are the most critical trends for 2015 when it comes to cyber-security....
12 Major Applications To Be Shipped With Linux Mint 17.1 “Rebecca” Cinnamon
Let's have a look at 12 major applications integrated in the Cinnamon version of Mint 17.1 Rebecca....
8 Killer Music Streaming Clients For Linux Users
If you are both a lover of Linux and music, you must be aware of the best music streaming services on the Linux platform....
10 Cool Raspberry Pi Projects You Can Involve With!
Here we will list down what are the 10 best Raspberry Pi projects which you can involve with....
15 Amazing Open Source Alternatives For Expensive Software
We have a list of fifteen open source applications, for enterprises, small businesses as well as average users....
7 Most Useful Debian Goodies For Debian/Ubuntu Administrators And Users
There are some commands which will let you know which packages are occupying most disk space on your system or to get your hands upon the most recent ...
A Guide For Beginners, Planning To Start First Electronics Project
Take a look at what are most required to begin your first electronics project....
Learn The Best Ways To Scan And Delete Duplicate Files On Your Linux System
Duplicate files consume the maximum portion of the disk space and if a similar file is located in two different locations, then a symbolic link or a h...
5 Reasons Why Fedora 21 Is So Keenly Awaited!
So why are we waiting so eagerly for Fedora 21? Let's take a look at five reasons behind the excitement factor....
8 Must-Know Email Security Tips
We have eight tips for you to keep your email secure, and to follow these tips, you don't need to be tech-savvy. ...
Learn The Steps To Launch Minecraft On Your Linux System
You first need to get your Linux system ready to install Minecraft and the process remains almost same for all the Linux distributions....
10 Best JavaScript Libraries For Building Charts And Graphs
Most of these libraries are free and open source, but if you require some additional features, then there are paid versions too....
8 Killer Tools To Make Your App Development Experience Best Ever!
We have listed here eight most cutting-edge and coolest tools for app developers which will definitely improve your experience of mobile app creations...
 
  View All
Dialogue
 
10 Questions That Google Never Asks While Hiring!
Here is a list of 10 questions that Google just banned from their interviews....
For Enjay, Open Source Technology Is A Way Of Life
An entirely open source-based company, Enjay IT Solutions, has built itself a reputation in the OSS domain....
Switching To Tizen Doesn’t Mean We Are Abandoning Android: Samsung
The company has worked to build Tizen up from scratch and has now introduced it to developers and the general public with its latest range of wearable...
Venturing Into The Cloud? Develop A Customised Cloud Strategy First!
Diksha P Gupta speaks to Rushikesh Jadhav, cloud evangelist, ESDS Software Solution Pvt Ltd, on how the cloud has changed the way compan...
HTC Is Strong And There Are No Plans Of Sale Now Or In Future, Says HTC's Senior Director-Marketing
Atithya Amaresh from EFYTimes had an exclusive chat with Sirpa H. Ikola, senior director, Marketing, South Asia, HTC about its devices and its plans w...
   
  View All
Videos
 
First Look: LG Optimus G
The phone sports a high-end display and comes powered by a powerful processor. ...
Create QR-Codes For Free
TEC-IT releases the freeware QR-Code Studio to provide a quick and convenient way of QR code creation for every application scenario....
DoT Secretary Shares Plans For Growth Of Telecom Sector
M.F. Farooqui has recently taken charge as secretary, Department of Telecom....
Hands-On: Sony Xperia Z
Xperia Z is Sony's first entrant model in the big-screen smartphone category. ...
Hands On: Videocon A30 Smartphone
Videocon, the consumer electronics company which is known for its refrigerators, washing machine and air-conditioner has unveiled its Android-based sm...
   
View All
   
 
IFA 2014
 
IFA 2014: LG Launches 34-Inches Curved Monitor
The company is yet to confirm price and availability of the device....
IFA 2014: Intel Launches First Core M Range Of Processors
This range of processors is tailor-made for 2-in-1 devices which include a tablet and a laptop....
MWC 2014: Tablet Lets People Feel Textures On Its Screen
Now feel what you see on your tablet, by way of ultrasonic waves....
MWC 2014: 4K Android Tablet Games To Kill Consoles, iPad
Tablet makers like Samsung want to beat the iPad by making 4K tabs. ...
MWC 2014: This Vodafone Backpack Helps Get Network In Disaster Situations
Two engineers of Vodafone New Zealand displayed the "mini" mobile network by Vodafone substructure in a backpack. ...
MWC 2014: Wilocity Chipset To Bring 'Lightening' Speed To Mobile Phones
Wilocity has developed a WiGig chipset for mobile phones that will bring lightning-fast wireless capability ...
MWC 2014: Samsung Introduces Octacore, Hexacore Chipsets
The Korean giant, Samsung unveiled two new octacore and hexacore chipsets at MWC 2014, in Barcelona. The company previously used Exynos 5 Octa 5410 ch...
   
View All
   
 
Events
 
19th Consumer Electronic Imaging Fair To Be Held On ...

View All
   
   
 
 

home archives contact us advertise with us
           
Magazines Portals Directories Events News Verticals Educational Institute  
Electronics for You
Open Source for You
Electronics Bazaar
electronicsforu.com
efytimes.com
opensourceforu.com
electronicsb2b.com
Electronics Annual Guide
EFY EXPO INDIA
EFY EXPO WEST
ELECTRONICS ROCKS
EFY Awards
OSIDAYS Expo
Electronics
Infotech
Linux & Open Source
Consumer Electronics
Science & Technology
BPO
EFY Techcenter

Educational Kits
Kitsnspares.com  
 
 
© Copyright 2014 EFY Enterprises Pvt. Ltd.
All rights reserved. Reproduction in whole or in part in any form or medium without written permission is prohibited.
Usage of the content from the web site is subject to Terms and Conditions