Enable javascript in your browser for better experience. Need to know to enable it? Go here.
radar blip
radar blip

TOTP Two-Factor Authentication

本页面中的信息并不完全以您的首选语言展示,我们正在完善其他语言版本。想要以您的首选语言了解相关信息,可以点击这里下载PDF。
更新于 : Apr 05, 2016
不在本期内容中
这一条目不在当前版本的技术雷达中。如果它出现在最近几期中,那么它很有可能仍然具有相关参考价值。如果这一条目出现在更早的雷达中,那么它很有可能已经不再具有相关性,我们的评估将不再适用于当下。很遗憾我们没有足够的带宽来持续评估以往的雷达内容。 了解更多
Apr 2016
Adopt ? 我们强烈建议业界采用这些技术,我们将会在任何合适的项目中使用它们。

Password security is still a hotly debated topic with the UK government advocating technical controls that let users remember simpler passwords and Edward Snowden’s password advice being described as only "borderline secure". Passwords are generally one of the weakest links in the security chain, so we recommend employing two-factor authentication , which can significantly improve security. Time-based One-Time Password ( TOTP ) is the standard algorithm in this space, with straightforward server-side implementations and free smartphone authenticator apps from Google and Microsoft.

Nov 2015
Adopt ? 我们强烈建议业界采用这些技术,我们将会在任何合适的项目中使用它们。
May 2015
Trial ? 值得一试。了解为何要构建这一能力是很重要的。企业应当在风险可控的前提下在项目中尝试应用此项技术。

Passwords continue to be a poor mechanism for authenticating users and we’ve recently seen companies such as Yahoo! move to a “no passwords” solution—a one-time code is texted to your phone whenever you need to log in from a new browser. If you are still using passwords we recommend employing two-factor authentication which can significantly improve security. Time-based One-Time Password ( TOTP ) is the standard algorithm in this space, with free smartphone authenticator apps from Google and Microsoft.

Jan 2015
Assess ? 在了解它将对你的企业产生什么影响的前提下值得探索

Two-factor authentication significantly improves security over simple password-based systems. RFC 6238 -- Time-based One-Time Password Algorithm -- is a standard for two-factor authentication. 'Standard' authenticator apps from Google and Microsoft provide tokens to smartphone users, and there are a number of other client and server implementations readily available. With providers such as Google, Facebook, Dropbox and Evernote using TOTP, there really is no excuse to continue using simple password-based authentication where stronger security would be appropriate.

Jul 2014
Assess ? 在了解它将对你的企业产生什么影响的前提下值得探索
Two-factor authentication significantly improves security over simple password-based systems. RFC 6238 -- Time-based One-Time Password Algorithm -- is a standard for two-factor authentication. "Standard" authenticator apps from Google and Microsoft provide tokens to smartphone users, and there are a number of other client and server implementations readily available. With providers such as Google, Facebook, Dropbox and Evernote using TOTP, there really is no excuse to continue using simple password-based authentication where stronger security would be appropriate.
发布于 : Jul 08, 2014

下载第29期技术雷达

English | Español | Português | 中文

获取最新技术洞见

 

立即订阅

查看存档并阅读往期内容