Description
Single-factor, password-based authentication is no longer enough to secure access to services. To improve security, applications need to employ strong authentication mechanisms that may rely on both something the user "knows" (e.g. a password) and something the user "has" (e.g. a hardware or software token). Because such systems are more complex than systems that perform single-step authentication, designing a fault-tolerant deployment of such services requires additional effort. This paper describes the steps we have taken to deploy a high-availability authentication service that aims to improve the security of our university's services through multi-factor authentication, while still providing a good user experience for students and staff.