Last post Oct 07, 2010 02:08 PM by Haitham Khedre
Oct 07, 2010 11:10 AM|curtisdehaven|LINK
Anyone have any good ideas for implementing a strong two factor authentication solution to an app that's already using asp.net authentication? any particular add-ons that work well with asp.net? Preferably one that doesnt involved end-user hardware....
thnx - Curt
Oct 07, 2010 02:08 PM|Haitham Khedre|LINK
I saw this in a banking system and I liked a lot , it will give you the 2 factor Authentication.
what they do beside user name and password is the following :
they ask you when you register to create an Identity code , a PIN code ,whatever it should be different than password.
then when you come to the site and login
1- they ask you to enter your user name
2- they ask you to enter the 1st,4th,and last letters from your Identity code ,( and they change these positions sequence always)
3- if the letter you enter match the correctly the positions of your letters in Identity code , they ask you for password.
if you are doing this for critical function like send money , you can do the Safe Pass idea of Bank of America, what it dose
hope that helped.