Skip to main content

Simple, really.

There are two factors: possession of the private key and knowledge of the PIN. The private key is stored on the client. Our PC client, for example, this key is in a password-protected PKS12 encrypted file. If someone steals this file and brute-force attacks it and gets the passcode, they are only half-way there.

They still need the PIN. The PIN is stored encrypted on the WiKID server. Losing the private key is the equivalent of losing a hardware token. You're only half-way there.

Typical software tokens store the PIN, the secret and the algorythm all in the client. Clearly this is not the way to do it.


Copyright © WiKID Systems, Inc. 2024 | Two-factor Authentication