ProxyIdP offers a more secure way of authentication on top of passwords – the so-called Multi-Factor Authentication (MFA). Once activated, an additional form of authentication is required in addition to the required password, for example in the form of a verification code. This function makes it more difficult for potential attackers to misuse someone else’s account.
...
| Expand |
|---|
| title | Comparison of signing in methods |
|---|
|
| Passwords | Verification codes (TOTP)
| Security keys (WebAuthn) | Protection against misuse of stolen passwords | ✗ | ✔ | ✔ | Protection against guessing of passwords | ✗ | ✔ | ✔ | Protection against simple phishing | ✗ | ✔ | ✔ | Protection against advanced phishing | ✗ | ✗ | ✔ | Availability on all IT devices | ✔ | ✔ | ✗ |
|
| Expand |
|---|
|
Multi-factor authentication | Identity verification using two or more authentication factors (e.g. something I know + something I have). | Security key | Usually a physical or a virtual device used for identity verification based on a secret key.
| Verification codes | One-time codes with limited time validity, generated by an authentication app, e.g. Aegis.
| Recovery codes | One-time codes which can be generated during initial setup and saved or printed. They can be used to authenticate in case of losing all other authentication devices.
| Tokens | Means of authentication other than a password or a PIN, including security keys, verification codes and recovery codes. |
|
...
Before setting up Multi-Factor Authentication using authentication codes, you need to have a mobile app that generates the codes. We recommend using Aegis Authenticator for Android and Raivo OTP for iOS, also you can check the List of verified TOTP applications and password managers. You then need to add a token for the authentication codes in the ProxyIdP Multi-Factor Authentication settings and link them together.
...