The goal of the 4Passwords Authenticator is to efficiently and securely use online or offline cached One-time Passwords (OTP’s) across many devices. The One-time Passwords are shared and stored within a Thycotic On-premise of cloud based Secret Server.
The 4Passwords Authenticator is a client-side app that runs exclusively in a client’s browser and computer. The app will never send any data to any other system or website than the configured Secret Server within the app. Once the application is downloaded from either 4Passwords.com, 4pa.app or your own hosted servers, then the app will receive and send data through the browser app with the configured Thycotic Secret Server and its enabled web services API.
The optional offline cache is protected by a passphrase that encrypts your OTP keys inside the app or browser cache with 256-bit AES encryption.
One-time Passwords, short for (OTP’s) are also known as Google , Microsoft, TOTP Authenticators, and or as MFA, Multi-factor, 2FA, Two factor Authentication keys. One-time password provide an additional security layer for your login with a password.
All One-time Password techniques do in principle the same: During an authentication process the server requests a client enter a Two factor response challenge. The server will calculate a number based on a shared key and the current time. As the client and the server both hold the same key and if the time on the client and server are in sync then the client and server can generate the same number if they both hold the same key. The client can then respond correctly to the Two Factor challenge without exposing and or communicating its key across the network. only the result is communicated
To not use Two factor Authentication is simply not secure enough.
The challenge with traditional One Time Password tools are that the security keys are stored on each client and server separately.
This key is mostly presented once to the user while configuring or enrolling Two Factor for a login, often this key is stored in a single traditional Authenticator app with no auditing or other methods of updating or sharing these keys. When this key is lost, you cannot login anymore. replacing the One-time passwords on many systems or sites is then a lot of manual work and complicates things a lot, especially in the case of shared or privileged accounts. The result is that often Two factor authentication is not implemented at all, while the shared and high privileged accounts within the organisation should be protected with this extra security layer.
The 4Passwords Authenticator & Secret Server enables organisations to implement One Time Passwords everywhere
Let's Get started!
Not a Secet Server user?
What are you waiting for?
It's time to enable Two Factor
Security Solutions as a service.
Maximize your password security,
Minimize your security risks.