Dual Factor Authentication Solution for AIX
These days, we often hear of large companies getting hacked and customer information, such as usernames and passwords, being stolen. You may have noticed more companies launching Dual Factor or Multi Factor authentication mechanisms.
Those of you who have used the AIX Operating System for many years are well aware of the capabilities and security that is built within. However, dual factor authentication is one glaring omission. Over the years many of our customers have asked if there were solutions out there for this problem. We haven’t been able to find one, so we decided to create our own.
Multi factor authentication relies on something you know and something you have.
In other words, you would have to present something you know, like your password, and additionally, something you have, such as your fingerprint to prove who you are. The most popular method is to use personal cell phones to achieve verification. This is a reasonable approach since it’s unlikely that someone stealing your login name and password would also have access to your cell phone.
VoltaAuthenticate for AIX consists of two major parts.
The first is the code that traps the attempted login. If a user can successfully log in based on knowledge of their password, the system then sends a text message with a completely random phrase consisting of upper and lower-case letters, numbers, and possibly a dash or underscore character to the user’s cell phone. The user will have three chances to enter the phrase correctly. The legitimate user will be able to log in, and if it was a bogus attempt, the legitimate user will receive a notification of the attempt and from where it came. The attempt is also logged in the system.
The second part is a menu system that allows the system administrator to add and delete users from the authorized user database, as well as view the activities log and session log. There is also a mechanism to back up the authentication system, including the database.