ProxyIdP offers a more secure way of authentication on top of passwords – the so-called Multi-Factor Authentication (MFA). Once activated, an additional form of authentication is required in addition to the required password, for example in the form of a verification code. This function makes it more difficult for potential attackers to misuse someone else’s account.
...
Expand |
---|
title | Comparison of signing in methods |
---|
|
| Passwords | Verification codes (TOTP)
| Security keys (WebAuthn) | Protection against misuse of stolen passwords | ✗ | ✔ | ✔ | Protection against guessing of passwords | ✗ | ✔ | ✔ | Protection against simple phishing | ✗ | ✔ | ✔ | Protection against advanced phishing | ✗ | ✗ | ✔ | Availability on all IT devices | ✔ | ✔ | ✗ |
|
Expand |
---|
|
Multi-factor authentication | Identity verification using two or more authentication factors (e.g. something I know + something I have). | Security key | Usually a physical or a virtual device used for identity verification based on a secret key.
| Verification codes | One-time codes with limited time validity, generated by an authentication app, e.g. Aegis.
| Recovery codes | One-time codes which can be generated during initial setup and saved or printed. They can be used to authenticate in case of losing all other authentication devices.
| Tokens | Means of authentication other than a password or a PIN, including security keys, verification codes and recovery codes. |
|
...