A few years back, you could enable software OTP MFA such as Google Authenticator or Authy on Mondido to further secure your admin account, and now we have released an even easier and flexible Multi Factor Authentication technology that supports hardware devices on your computer or smartphone.

For example, if your company policy does not allow installing custom applications on your smartphone, you can utilize the biometric fingerprint reader on your phone or computer to add another factor of security to your account.

Other hardware devices such as Yubikey are very popular as Multi Factor Authentication on your sensitive accounts.

 

Webauthn

Web Authentication (WebAuthn) is a web standard published by the World Wide Web Consortium (W3C). The goal of the project is to standardize an interface for authenticating users to web-based applications and services using public-key cryptography.

WebAuthn implements an extension of the W3C’s more general Credential Management API, which is an attempt to formalize the interaction between websites and web browsers when exchanging user credentials. The Web Authentication extends the Credential Management navigator.credentials.create() and navigator.credentials.get() JavaScript methods so they accept a publicKey parameter.

The create() method is used for registering public key authenticators as part of associating them with user accounts (possibly at initial account creation time but more likely when adding a new security device to an existing account) while the get() method is used for authenticating (such as when logging in).

OTP

Mondido still accepts One Time Passwords as a MFA tool so there is no need to switch to Hardware authentication unless you feel it would be easier for you as an administrator logging in.

Gillar du vad du läst?

Gör som tusentals andra, prenumerera på våra inlägg.