TEL AVIV, Israel, January 17, 2018 /PRNewswire/ --
Secret Double Octopus, the pioneer of password-free, keyless authentication technology, announced today the launch of its Octopus Domain Authentication, providing high assurance, password-free authentication for Active Directory domains.
Microsoft's Active Directory (AD) centralises authentication and authorization for domain resources, but also creates a critical single point of failure - the account password that grants access to all resources. AD passwords are prone to phishing, cracking and hacking, and when passwords are stolen, attackers can access all systems and resources authorized for a given account.
"The loss of even a single password can have devastating effects on an organization, it can mean the attacker basically has the keys to the kingdom, which is a position that no organization can afford to find itself in," said Luis Arzu, Chief Information Security Officer at Farm Credit Financial Partners, Inc.
Octopus Domain Authentication improves the security posture of AD domains, user experience and productivity is improved by eliminating the need for complex passwords requiring frequent updates, and deployment of second factor authentication. Additionally, companies are able to save on the significant expense that comes with password management costs, such as help desks.
"Passwords are the single most critical point of failure for Active Directory domains, and now companies have the ability to once and for all eliminate passwords which will bring real benefit in terms of security, user experience and saving resources," said Raz Rafaeli, CEO of Secret Double Octopus.
Secret Double Octopus protects companies by replacing passwords altogether with a high assurance, password-free authentication paradigm. Using the Windows Credential Provider in conjunction with standard interfaces to Active Directory, Octopus Domain Authentication replaces AD passwords with a stronger, more secure alternative. It allows AD domain administrators to remove password credentials needed for domain logons, and instead, utilizes an authenticator that users can access on their mobile devices.
Secret Double Octopus' authentication is based on Secret Sharing Schemes, a secure crypto-based system that does not store secrets or remember passwords. Since the authentication process utilizes an out-of-band communications channel to the user's mobile device, attacks on the system become harder to carry out since it would require attackers gaining control over multiple devices simultaneously.
About Secret Double Octopus
Secret Double Octopus is in the business of protecting the weakest link in security - the human user. Our keyless access platform combines strong authentication, single sign-on and password replacement for applications, clouds, networks and 'things'. Secret Double Octopus was selected as a Top 5 Cyber Security Innovator by Citibank and won PwC's game-changer award for Global Financial Services Innovation. Our services are available globally through our network of strategic partners, including Tech Data, PwC and others.
To learn more, visit http://www.doubleoctopus.com
GK for Secret Double Octopus
SOURCE Secret Double Octopus