A SmartCard is said to be tamper-proof, you cannot copy the card nor extract its secrets without a PIN, making it suitable for 2-factor-authentication. This can be a plastic card, a USB token or even a virtual device. SmartCard ("SC" ): A device able to process and store cryptographic secrets like certificates used for authentication. A password for you may still exist behind the scenes, though, but from an attacker’s perspective, it is impossible to obtain. Not to be confused with: a PIN, an OTP (“one-time-password”) or a password hash.īeing passwordless: Not having a password, or better, not needing to know it, because you will never have to type it, since you use other means of authentication. Passwords: A combination of characters used together with a username in order to prove one’s identity and afterwards get access to some sort of IT system. Instead I will cover the process thoroughly. It was a long journey and therefore, in this article, I will not fast-forward through it. Now I would like to showcase this transition, so that others trying to “go passwordless” are able to judge what it takes. Some time ago, I was asked to work out a strategy for our Windows domain accounts to go passwordless and I finally finished that task.
0 Comments
Leave a Reply. |