Traditional two factor authentication is based on ‘something you have’ (a token) and ‘something you know’ (a PIN or password) used to authenticate a user. The issue with traditional systems is that the ‘something you have’ can be used by anybody who has it, not just its intended owner, and the ‘something you know’ (like a 4 digit PIN) can easily be stolen when you type it in (think keystroke logger).

With PINphrase, the ‘something you have’ (the question and random characters) can only be used by you and is of no use to anyone else. The ‘something you know’ (the answer) is never divulged in full and remains private during the logon process.

How it works

The Authlogics Authentication Server stores information about you, like a mother’s maiden name, a memorable place or date, your favourite sports team, or  your own unique word. When you next try to log on, the system will prompt you for random letters from one or more random answers, but never the whole word.

The question can be displayed on the device you are logging into, or on another device that you have associated with your account, in a tokenless 1.5 factor or 2 factor mode.

After the first logon the user will be asked to provide answers to some of the generic questions setup by the administrator. It is not important for the users to answer the questions correctly or truthfully, as long as they they recall the answer they supplied when they need to logon. Since these answers are not passwords, they do not have to be alpha-numeric, mixed case etc, meaning there’s a greater chance that a user will not forget their answers.

iPhone 7 PINphrase 2 Factor Authentication


  • Familiar to users requiring little or no training
  • Easier to remember than passwords reducing support help desk queries and costs
  • Improves security over traditional passwords by combining multiple ‘something you have’ and ‘something you know’ factors
  • No hardware token required
  • Use as a password replacement for Windows Desktop logon
  • Use as part of a secure access solution to internal & cloud-based applications
  • Standards based OATH implementation
  • FIPS 198 & 180-3 compliant

PINphrase is part of Authlogics Authentication Server. Click Download to start a free 30 day trial.