User authentication

We help you in achieving a user-centric and secure digital workplace.

Secure authentication

Password Reset Self Service Promo Mobile

Knowing who your users are through robust authentication is a crucial component of your organization's security, accountability, and compliance. Our solutions help you streamline the authentication process for both your users and the IT department, no matter if your infrastructure is on-prem, in the cloud, or both. Enable multi-factor authentication with two, or more, factors for all users and devices in a secure and user-friendly way.

We help you with:

Secure authentication is one of many user-friendly security features in our Access Management solution.

Your choice

Enterprise security for every user with support for FIDO, OTP, mobile apps, and everything in between.

On-prem and cloud

Authentication for all your applications — both on-prem and in the cloud

For all devices

Support for all devices, operating systems, and security levels you need.

One size does not fit all

Customize it for you

Our authentication solutions

Multi-factor authentication

Secure your organization with our smart login app, certificates, security keys, or other solutions that fit your needs.

Passwordless authentication

Improve usability and the stop leaked passwords by going passwordless. Secure authentication of users without having to type in a single password.

PKI as a service

Do you need certificate-based authentication? We offer a high-security PKI-as-a-service, giving you everything you require without investing in the infrastructure.

Certificate-based authentication

Secure access with certificate-based authentication, regardless of device or operating system. Enable single sign-on with great user experience and complete lifecycle management.

YubiKey lifecycle management

Enable YubiKeys in an enterprise environment. Our unique solutions give you complete control, simplify administration, and provide full traceability.

FIDO for enterprises

Start using FIDO for easy and user-friendly authentication in your organization.

Webinar

Unified MFA for a hybrid environment

How to deploy a single solution for all legacy, on-prem, and cloud applications.

With an ever-evolving landscape, most organizations face an infrastructure that has grown into a hybrid model, consisting of a mix of legacy applications, on-premises, and cloud services. That also brings along a proliferation of various accounts, identities, and login methods that are extremely challenging to manage centrally, let alone harmonize easily. Is it even possible to gather all applications under a single digital identity and protect everything with MFA?

In this webinar, our experts will discuss the challenges with the modern hybrid infrastructure and how you can enable multi-factor authentication with single sign-on for all your apps, whether cloud-based or on-premise legacy applications. Our experts will discuss what you should consider when choosing a comprehensive MFA solution, how to deploy it, and what are the best practices for a successful rollout.

In this webinar you will learn:

What are the challenges to implementing strong authentication in a hybrid infrastructure?
What you need to take into consideration
How to deploy one MFA solution for all your users and applications

Hosted by

Lukas Baart

Solutions Engineer

Want to talk to an expert?

Tell us your needs and requirements and we will help you find the right solution to secure your digital workplace.

Book a meeting now

Secure authentication — the basics

What is user authentication?

User authentication means that a user can prove that they are who they say they are.

Imagine presenting your ID card when picking up a package at the local post office. You prove that you are the correct package receiver, authenticate yourself, and can pick up the results from your latest shopping spree.

In the digital world, it works the same way. Whether it is logging in to your work computer, your bank, or anything else, you have to provide something that proves you are who you say you are.

Traditionally, in many cases, this has been done by using passwords. But today, many more options exist for significantly more secure user authentication in any environment.

What is two-factor authentication (2FA)?

Two-factor authentication, 2FA, means that the user presents two things (factors) to prove their identity.

User authentication by passwords alone is not very secure, as passwords are easily lost, forgotten, or stolen.

Combining the use of a password with something else significantly increases security. It can be a one-time code sent by email or text, a fingerprint or retinal scan on a phone (biometric identification), or an authenticator app on your mobile device.

Even if a hacker could get hold of your password, the first factor, they would still be missing the second factor in order to log in.

What is multi-factor authentication (MFA)?

Multi-factor authentication (MFA) and two-factor authentication (2FA) are closely related. Both involve the use of more than one factor for authenticating a user. 2FA uses two factors, often a password and something else, and can be considered a part of MFA. However, the latter can involve several means of authentication instead of just two.

To give a quick example, a user tries to log in with their username and password (something the user knows). If the password is correct, they are asked to authenticate themselves with their authenticator app (something the user has). The authenticator app itself is locked with the fingerprint sensor on their device and can not be used before the correct fingerprint has been presented (something the user is).

What methods of authentication exist?

In multi-factor authentication, there are usually three factors that can be used.

Knowledge factor
Something the user knows, like a password or a PIN code.
Possession factor
Something the user has, like a YubiKey, smart card, authenticator app, or OTP token.
Inherence factor
Something the user is, like biometric factors such as a fingerprint or retinal scan.

In some cases, location can also be a factor. However, for privacy reasons, this should be used with caution.

What is the difference between authentication and authorization?

Authentication is proving that you are who you say you are. In the physical world, by an ID, passport, company badge, or similar. In the digital world, by one or several authentication factors.

Authorization is what said authentication gives you access to. A company smart card might unlock the front door for you, but only the door to the server room if you are authorized.

The same goes for the digital world, where authorization is closely tied to identity and access management, sometimes called access control. Authenticating yourself may give you access to post articles on the company blog, but not to change elements of the web design itself since you do not have the role of the company web designer.

Proving you are who you say you are is a critical part of organizational security; restricting what you can access within your role description is another essential part of cyber security.

What is the most secure form of authentication?

A secure PKI solution with certificates tied to a physical token, like a smart card or YubiKey, is generally considered one of the most secure forms of authentication available. It is used in high-security environments, often in combination with one or several other forms of identification, like photo ID or biometrics.

At the same time, strong authentication is closely tied to authorization and access rights, also known as identity and access management. Something that can play as much a part of your overall strategy as the authentication itself.