Time synchronous authentication refers to a type of Two Factor Authentication (TF-A) method that uses synchronous or time-synchronized tokens for authentication.
The intended synchronous tokens are time-synchronized with an authentication server in order to create a One-Time Password (OTP). The server and the token have individual clocks that should be synchronized to the exact same timebase.
The generated OTP is valid only for a short time period. If the difference between the authenticator clock and the token clock is too great, then the password authentication will not be accurate.
The other two types of TF-A used in networks are challenge response authentication and event synchronous authentication.
In time synchronous authentication, both the server and the user have their internal clocks synchronized, thus the name. Also, they contain the exact same seeds. A seed can be described as the starting values applied by the random number generation to generate a pseudo random number.
Time synchronous authentication method uses three steps to execute the authentication:
- The user inputs the username and passcode. The passcode includes a 4-to-8 digit random token code as well as PIN of the user.
- The token and the server generate the token code by blending the seed record and the present Greenwich Mean Time (GMT).
- The server then authenticates the user's passcode with the server's passcode and if found correct, the authentication is validated.
Time Synchronous Authentication features some benefits over the challenge response and event synchronous authentication, they are:
- Security: The time synchronous authentication is much secured when compared with the other two as it depends on the secret seed of the token. The secret seed is virtually hacker proof. The other two authentication methods are less advanced and are vulnerable to attacks.
- Portability: Time synchronous hardware tokens are highly portable as they are not tied to the desktop of the user. Also, there is an option to pick from a variety of factors, which can be effortlessly incorporated into the mobile phones and palm devices.
- Simple Use: The time synchronous authentication includes three steps whereas the challenge response authentication includes five steps.
0 Comments