1.5 Factor Authentication
The aim of 1.5 Factor Authentication (1.5 FA) is to deliver a One Time Code solution without the need for a separate physical device. Traditionally all One Time Code systems had to be Two Factor solutions and the codes were displayed on the second physical factor. In these cases the first factor was still a PIN or password.
In contrast, 1.5 FA does not require a PIN, password or second factor device at all. Instead a challenge is displayed directly on screen which only the user would know how to respond to; the response is a One Time Code.
Technically speaking 1.5 Factor Authentication is only using a single factor, however it bridges the gap between the convenience of passwords and the complexity of physical tokens. By simply replacing a password based logon with 1.5 FA you remove the threat of key loggers and malware trying to steal PIN’s and passwords. Once the password is replaced you have also just removed the continuous password reset process which costs time and money.
- NO hardware tokens
- NO software apps
- NO SMS/TEXT messages
- NO more passwords
- Built directly into Web page or App
- Stop key loggers in their tracks
- Risk appropriate security for lower value assets
- Convenient access to internal & Cloud-based applications
- Deployed in seconds
- Simple to use
- Seamless step-up to 2 Factor when needed
- User self-service portal
Authlogics 1.5 Factor Authentication Technologies
- Pattern based graphical technology.
- PINgrid challenge grid can be displayed directly on a web page or within an app.
- The user simply looks at the grid, recalls their pattern and enters their One Time Code.
- Language based text technology.
- A PINphrase question can be displayed directly on a web page or within an app.
- The user simply reads the question, recalls their answer and enters their One Time Code.
Frequently Asked Questions
How is 1.5 FA better than passwords?
Passwords are a single factor of authentication which are easily forgotten and users often write them down on post-it notes, or reuse them on multiple systems. They are easily stolen via malware and key loggers to be used at a later time by hackers. When you type in a password you have basically given it away as it could be intercepted at any time and should no longer be considered secret.
1.5 Factor Authentication does away with the static nature of passwords entirely. This thwarts malware and key loggers as a stolen code is no use once it has been used. Crucially, unlike a password, the “secret” the user knows the answer to is not given away during a logon.
All this is achieved without the need for a second factor device.
Is 1.5 FA as secure as 2 FA?
Strictly speaking, no 1.5 FA is not as secure as 2 FA. However it is much more secure than password based 1 FA.
1.5 FA is an ideal middle ground of increased security over passwords without the sledge hammer approach of adding 2 FA to everything. It is ideally suited to situations where some protection is needed to low value assets, however convenience is also critical.