• It's time to say goodbye Password Authentication Solution:

Although the password authentication has been a popular solution so far, it still has many shortages. Users must remember a lot of passwords which are easily shared with other people. Passwords can be stolen when the encrypted transmission line is not used. Besides, if users set passwords with insufficient length or special symbols passwords will be cracked by brute or dictionary attack techniques. The password solution is not able to prevent sniffing and key-logger attacks. It doesn’t guarantee deniability because users register passwords for the service providers who save the passwords. The password authentication solution is one-factor authentication.

• One-time Password Solution:

This is two-factor authentication solution which does not support non-denial function and digital signatures.

• Our PKI Based Authentication Solution can solve the above problems effectively:
  • Each user has a key pair, one key is stored on digital certificate and the other is saved on an encrypted file or Token (Smartcard or USBToken).
  • This solution permits to exchange session key on a secure way without reveal of the confidential key.
  • Users are authenticated without submitting their passwords to service providers.
  • User passwords are limited on network servers.
  • Authentication credentials are located in hardware tokens or encrypted files.
  • A user just needs to remember one password to manage a set of authentication credentials.
  • If the PKI authentication is applied on systems, all authentication credentials will be stored as a password on a hard-token or encrypted file, so the possibility of forgetting password is very low.
  • This solution is based on public encryption infrastructure which supports digital signatures and non-denial function.
  • This solution also supports information confidentiality and data integrity.