Multi-Factor Authenticators (MFAs)
We support many Multi-Factor Authenticators (MFAs) to meet your access security needs
- The token generation software, NacID, can be installed on a PC or Laptop
- Users can easily register the NacID software by using the credentials provided by their security administrators.
- The NacID software is designed in such a way that it will not work without going through proper registration process
- Once the NacID software is registered on a PC or a Laptop then it cannot be used on any other devices.
- In case of any tempering, the software is disabled.
- In order to use the NacID software, users must authenticate first using the passphrase picked during the registration process.
- The software generates a unique token every 60 seconds once the proper secret is entered.
- The token displayed after proper authentication can be used to access the network
- Any authentication using the NacID software works over Radius, TACACS+ & SGLOGIN authentication protocols.
- In case of any errors, users and administrators are notified.
- Any access attempts (successful or failed) are notified to the users
- The NacPass App provides a secured link to communicate with the customer’s security system. All the communication is encrypted using AES256 protocol
- The NacPass App has the capability to receive Multi-Factor authentication credentials from the enterprise security system where the App is registered.
- In order to retrieve any information from the App sent by the security system, the users must authenticate using FingerPrint, Facial recognition or PassPhrase
- All the communication between the App and the Known Access security system is secured in multiple layers.
- A token can be requested using the NacPass App. The Known Access supported tokens are 7-digit long
- If a user tries to authenticate with a userid and password then a 7-digit token is sent to the user’s App. The token can be accessed from the App after successful authentication using Finger Print, Face ID or PassPhrase
- The other strong method supported in NacPass is to allow a user to pre-authorize for network resource access. When this method is used then there is no need to enter a 7-digit token
- The NacPass App can also deliver event notifications
Hardware Token – YubiCo’s YubiKey 4&5 for OTP
- Works with Known Access Security products
- Secure 128-bit AES encrypted One-Time Passwords, near impossible to spoof
- Includes usage counters to identify and prevent replay attacks
- Works across multiple language Keyboard Layouts, utilizing only common characters
- Generates a unique 44 Character One-Time Password on every use
- Includes a Public ID for each OTP, allowing YubiKeys to be easily associated with a user account
- The public keys are typically 12 characters long. No need to enter any data as it is emitted by the key
- YubiKeys can be pre-programmed or they can be programmed by the customers
- Key configuration software is available to program the keys
- Whenever a YubiKey is programmed, it generates a row of configuration information in a file
- Once all the YubiKeys are programmed then the file is ready with all the configuration data
- The configuration file can be loaded in the database of Known Access servers. A simple procedure is provided to accomplish that
- The association between a YubiKey and a user is automated in our security system
Remote Access Using YubiKey
Resource Access using YubiKey
Hardware Token - RSA SecurID Tokens
- We support RSA SecurID tokens in our security system
- The RSA SecurID tokens mainly come in two models i.e 700 & 800.
- The RSA SecurID 700 is a small key fob that displays a 6-digit token and a countdown timer until the next token is displayed.
The RSA SecurID 800 is a USB based token that also displays 6-digit token and a countdown counter timer
- These tokens come with a seed file that can be loaded into the Known Access security system using the software and procedure provided with the product
- Once the seed file of the RSA tokens is loaded then the security system administrator can assign these tokens to the users
- We provide a capability to notify the users via NacPass-App or SMS whenever a user authenticates using the RSA token
- We support two methods to deliver a 7-digit code (as a 2nd factor) to the users over SMS.
- The users can request a 7-digit code by texting a pre-defined configurable string to a phone number provided by Known Access
- When a user uses UserID and codeword to log in then a 7-digit code is issued to the user. At the same time the user is prompted to enter the 7-digit code.
- The SMS configuration software is provided with the Known Access security system
- This functionality to receive SMS based tokens or deliver security tokens can be enabled or disabled for the entire system or by per user basis
- We provide a capability to send authentication success or failure notifications over SMS
- We also use SMS for sending validation code for NacPass App users