DaaS

Enabled Two-factor Authentication

Our Cloud computing is two-factor authentication enabled

We support two-factor authentication as an added layer of security. At this time we support three different forms of authentication to generate one time passwords (OTP): Google Authenticator, YubiKey, and email. Two-factor authentication methods can be mixed and matched among your users for further flexibility.

YubiKey :

Administrators can order a YubiKey from Yubico. This method uses a pre-configured Public ID that is unique to your YubiKey device which is stored in the YubiCloud. The device plugs into a USB port. The OTP only works once and a new one is generated every time the YubiKey is used. The YubiKey OTP is a 44-character, 128-bit encrypted key comprised of two major parts. The first 12 characters remain constant and represent the Public ID of the YubiKey token itself; the remaining 32 characters make up a unique Passcode for each OTP generated. Our cloud validates the entered OTP with the information stored on the YubiCloud. If the information is valid, the user will be logged in to session.

Google Authenticator :

Google Authenticator can run on Android, iOS, and Blackberry. Google generates an 80-bit secret key for each user. This is provided as a 16 character base32 string or as a QR code that the Administrator should enter into the cloud app and associate with a mobile device. The client creates an HMAC-SHA1 using this secret key. A portion of the HMAC is extracted and converted to a 6 digit code to use as a OTP. Users will enter the OTP supplied by Google Authenticator. Upon validation of the OTP, the user will be logged in to their session.

Microsoft Authenticator :

The Microsoft Authenticator has a near-identical setup and implementation as the Google Authenticator. Like the Google Authenticator, the Microsoft Authenticator follows the guidelines specified in RFC6238. The Microsoft Authenticator app will generate one-time passwords that can be used to provide a second layer of security when logging into their session.

Email/SMS Authentication :

When using the email authentication method, a unique OTP will be automatically generated and sent by our cloud application to the specified email. Upon logging into cloud with your user credentials, a 6-digit OTP will be generated and sent out via cloud application. Users should enter this code once prompted for the OTP by cloud. Upon validation, users will be logged in to their session.


If you prefer a SMS message can be sent to the user's mobile as well.

Our Partners

Who uses BPSNA