• Contact us
• Sitemap
• Press
• Investor Relations

•  
• Products & Solutions
  • Policy Compliance

    • NETconsent Compliance Suite
    • NETconsent Policy Manager
    • NETconsent Examiner
    • NETconsent Informer
    • NETconsent Assessor
    • NETconsent Reporter

    Content Security

    • Secured eMail
    • Secured eFile
    • Secured eCollaboration
    • Secured eUSB
    • Simple Encryption Platform

    Secure Access

    • AppGate Security Server Appliance
    • Secure access for iOS® & Android®
    • AppGate Satellites
    • Cryptzone OTP
    • MindTerm

    Endpoint Security

    • Secured eUSB
    • Secured eDevice
    • Secured eDisk
    • SE46 Application Whitelisting
    • AppGate Device Firewall

    Solutions

    • Healthcare
    • Public Service
    • Financial Services
    • Laws & Regulations
• Resources
  • Whitepapers
  • Recorded Webinars
  • Case Studies
• Support
  • Phone Support
  • Purchase/Renew Support your contract
  • Training
  • Technical documentation
• Partners
  • Cryptzone Partner Program
  • Become a Partner
  • Partner Portal
• About
  • About Overview
  • Board of Directors
  • Contact Us
  • Management Team
  • Investor Relations
• Purchase
  • Worldwide sales
  • Sales Contact Information
  • Online Shop

• Financial Sector
• Healthcare
• Public Service
• Whitepapers
• Product Demos
• Investor Relations

• Policy Compliance
• Content Security
• Secure Access
• Endpoint Security

• Demos & Workshops
• Recorded Webinars
• Whitepapers
• Case Studies
• Solution Guides
• Data Sheets
• SaaS
• By Product

• Phone Support
• Purchase/Renew your support contract
• Training
• Technical Documentation

• Cryptzone Partner Program
• Become a partner
• Find a partner near you
• Partner Portal

• About Us
• Board of Directors
• Management Team
• Contact us
• Investor Relations

• Worldwide sales
• Contact us directly
• Online Shop

• Press Releases
• Press Release Archive
• Awards & Certifications
• Press Contact
• Downloads
• Events

Strong two-factor authentication making your system less vulnerable to unauthorized access.

Easy to use, easy to manage OTP solution

A one-time password (OTP) is a password that is valid for only one authentication attempt. OTPs are increasingly used in two-factor authentication systems to improve system security as organizations recognize that the traditional username and static password combination is no longer sufficient protection against unauthorized access. Static passwords are susceptible to cracking and a network that relies on this one-factor authentication method is very vulnerable to replay attacks. OTP systems avoid most of the short-comings of static passwords - replaying a one-time password won’t work because, once used, it is no longer valid.

OTP solutions generally use one of two ways to get a one-time password to the user when they are trying to authenticate: the OTP can be sent to the user eg. by SMS or email, or it can be self-generated eg. using a physical or soft token. Two-factor authentication adds complexity for users, which can result in more calls to the helpdesk or lost productivity if people find themselves unable to log in. Therefore, an OTP solution needs to be easy to use and easy to manage in terms of setting up new users and day-to-day administration.

The AppGate Security Server from the Cryptzone Group has always supported a wide range of authentication methods and two-factor authentication. Now a new Cryptzone OTP module is available for the AppGate system that provides a fully integrated OTP solution. With the Cryptzone OTP module, OTPs are generated on the user’s own mobile phone. Each time the user wants to log in, they simply press a button on their phone to generate the next OTP in the sequence and enter it into the AppGate login dialogue.

Benefits

Prevent replay attacks:

Systems that rely only on static passwords for authentication are very vulnerable to attack. Users change their password only when they absolutely have to, they write them down, share them with colleagues, passwords are cached on computer hard drives and stored on servers often unencrypted making them susceptible to cracking. An OTP is only valid for one authentication attempt, so it can't be used again to access the network even if a hacker manages to intercept and record it.

Apply the right level of security for each user

The AppGate Security Server supports a wide range of authentication methods. Different authentication methods can be applied for different user groups depending on the level of risk and therefore the level of security required. AppGate also allows chained authentication. One-time passwords can be combined with other methods to provide true multi-factor authentication.

Easy to use

Once the Cryptzone OTP app has been downloaded to the mobile phone and initialized, all the user has to do is enter a pin (this is an optional setting) and press a button to generate the next one time password. The user's phone does not require any network connectivity in order to generate each one-time password as no SMS is sent, which makes the Cryptzone OTP a robust solution that can be used anywhere.

Easy to install and deploy

Deploying the Cryptzone OTP solution for new users is quick and easy. The user simply downloads the app to their mobile phone. Initialization of the OTP generator happens automatically the first time the phone app is used to authenticate. There are no settings or configuration options to specify during installation.

Low cost solution

No additional hardware/servers are required. OTPs are generated on users' mobile phones avoiding the cost of distributing and maintaining physical tokens.