- 1.877.NO.TOKEN
- (1.877.668.6536)
PhoneFactor.com
How does PhoneFactor™ work?
What is two-factor authentication?
What’s wrong with passwords?
How secure is PhoneFactor?
Do I need to install anything on my phone?
How long does it take to sign in?
What makes PhoneFactor secure?
What happens if I lose my phone?
What happens if I lose cell phone coverage in a certain area?
Does this work everywhere or just in the US?
What if I get a phone call from PhoneFactor when I’m not trying to log in?
How does PhoneFactor™ work?
PhoneFactor works by placing a confirmation call to your phone during the login process. You simply answer your phone and press # to confirm the login. Because it just uses a phone call, PhoneFactor is compatible with any touch tone phone. There is no software to install, and it works with regular phones and mobiles.
-top-
Passwords are often the weakest link in data security. Users pick terrible passwords and bots and keyloggers harvest passwords by the thousands. Phishing sites trick users into giving passwords away and those stolen passwords are passed around, sold, or posted on the Internet. Users reuse passwords in- and outside of the office network. They’re better than nothing, so most companies need something stronger than passwords.
-top-
PhoneFactor is a dramatic improvement over passwords. It’s also more secure than many other two-factor systems, with sophisticated anti-phishing support and even an optional three-factor upgrade. And since it’s easy and economical enough to deploy to everyone (instead of just a select few users), it can be a huge overall security improvement.
-top-
Do I need to install anything on my phone?
No, absolutely nothing needs to be installed on the phone. The system works by placing a phone call to the user, asking the user to answer the phone and enter an optional PIN. That’s all there is to it! Unlike other solutions, PhoneFactor will work with any phone at all.
Because there are no end-user devices, enrollment and training are a breeze – all you need is the user’s phone number. From that point on, the user answers the phone when it rings and confirms that they were indeed trying to sign in by entering an optional PIN and pressing the # key.
-top-
How long does it take to sign in?
PhoneFactor adds a minimal amount of time to the authentication process – just the amount of time for the phone call to complete. On answering the phone, the end user enters an optional PIN and presses the # key. At that instant, even before the user disconnects the phone call, the application is signaled that authentication is successful and the user is logged in.
-top-
What makes PhoneFactor secure?
PhoneFactor adds a confirmation phone call to your existing authentication architecture. Instead of only having a username and a password, users now receive an automated confirmation call. This guarantees that it is the user, and not an imposter, attempting to log into the system.
The security of the system lies in the confirmation call. Two-factor authentication requires both something you know and something you have. In the case of PhoneFactor, the “something you know” is the existing username and password, and the “something you have” is the phone. Even if a user’s username and password become known to an attacker, that information is not sufficient to access the account. Likewise, even if an attacker manages to gain possession of a user’s phone, it cannot be used to access the account without also knowing the username and password.
Phones are, for all practical purposes, impossible to duplicate. In order for a user to give her account away to someone else, she has to actually give away the physical phone, since you can’t log in without it. This helps improve accountability and auditability.
-top-
What happens if I lose my phone?
An alternate number can be set up by calling the support staff, once your identity is strongly established.
-top-
What happens if I lose cell phone coverage in a certain area?
Call the support staff from any phone to request a one time bypass. Once your identity is strongly established, they can allow you to authenticate one time without receiving a PhoneFactor call. They can also change your account to point to an alternate phone number, such as a land line.
-top-
Does this work everywhere or just in the US?
PhoneFactor works anywhere you can receive a phone call, and calls are free to zones in 30+ countries worldwide.
-top-
What if I get a phone call from PhoneFactor when I’m not trying to log in?
This would only happen if someone else were trying to log into your account and they already knew your password. Remember, phone calls are only made after the username and password are verified. So, if this happens, PhoneFactor has just saved your account from illicit access!
PhoneFactor is the only two-factor service that provides users with the ability to instantly report unauthorized account access attempts, which may aid in the forensics effort to track down the perpetrator. In case a user receives an un-requested authentication call, pressing the * key will allow this incident to be reported to technical support instantly.
-top-