

AWS Multi-Factor Authentication - delano
http://aws.amazon.com/mfa/

======
Tawheed
Instead of an authentication device, why not have an iPhone app that gives the
authentication digits? (warning: i have no idea how these devices work and may
be missing something obvious)

~~~
psranga
These keyfobs number generators are actually pretty interesting devices. The
basic principle is that they generate a pseudorandom sequence of numbers. The
starting seed of each device is different, and each device's seed is known to
the authenticating server. Given the initial seed and the current time, the
server can predict what is the number that the token will show.

Due to the properties of the pseudorandom algo, it is impossible to guess the
seed by observing a token's digits.

And these sealed tokens self-destruct if tampered with. No, you can't change
the batteries. :)

------
Titanous
I've been mulling over an idea for a while:

A web service that would easily add a second factor of authentication to your
existing application's login system.

Thoughts?

~~~
m_eiman
There are such systems available, e.g.
<http://www.google.se/search?q=authentication+sms+service>

In my opinion the best solution for two-factor logins is password plus SMS
challenge. It requires a device, but at least it's a device you most likely
already have.

The solution might not be as useful in the US with the "pay for receiving
messages" stuff, but if the service you're loggin into is important enough
(bank etc) most people might not mind.

~~~
JunkDNA
I have no experience with SMS other than as an average user. I'd love to know
from someone more knowledgable than me, how secure this would be? From my
basic understanding it seems that SMS would be hard to intercept on the phone
network, but if a site is using an SMS gateway, it's not much safer than using
email for two factor auth, right?

------
zngtk4
Nice, but why not allow integration with common authentication devices
available, such as SecurID? I don't want to end up with 5 or 6 of different
authentication devices.

