OATH and Google authenticator are some relatively new components of the IAM/IDM world, that could change our lives some day: OATH, (not to confound with OAuth !), proposes the wide adoption of OTP based and 2 factor authentication frameworks, making the web actors exchanges more secure, easier to implement and easier to integrate thanks to some well known authentication standards like HOTP.

OATH also features simplified authentication thanks to federation (that is some kind of virtually unlimited web SSO). The very new thing here is that OATH proposes a standard framework at the users, devices, and networks levels, potentially making adoption faster.

Google authenticator, on its side, is one of Google’s user friendly solution to the authentication and identity thieft issues: if your application or authentication server supports Google authenticator, then your users will be able to benefit from strong authentication (one time password based authentication) just by downloading the Google authenticator Android application on their smart phone. Interesting at least for businesses requiring more security in the cloud.

And thus, if you noticed the title of this article, you may wonder what’s Authentic 2, with regards to OATH and Google authenticator ? Well, it’s the new version of an authentication software server that supports each of them, and also proposes many other identity related features like a federation gateway and PAM support.

Les derniers articles par janua (tout voir)