Multifactor website security and your phone

This idea is pretty simple and involves website authentication and your mobile phone. It is a two factor authentication scheme that relies on the EIMI number embedded in your phone and the traditional user name/password combination, common on websites.

Put on your user hat. You go to the login page of a website, enter your user name and password, and once authenticated a new element appears with a token in it. This token is then entered in to an application on your mobile phone (phones are ubiquitous right?). That application contacts a trusted server and verifies the token and your EIMI/service credentials. You're given a token that is entered into the form, and upon submit, the destination site queries the trusted server for another layer of verification. The last transaction passes nothing other than the token received on the phone to verify that it was just issued and is still alive.

All of this sounds much harder that it actually is. Anyone want to put it together? Contact me for more ideas.

(Visited 4 times, 1 visits today)

michael

Husband, father, epic adventurer, perpetually curious, rule breaker, startup guy, innovator, maker.

Leave a Reply