Learn how DS3 2-factor authentication technologies can be easily deployed as simple software PAM plugin within a standalone UNIX Server to secure logins to the server.  With the 2FA PAM Plugin, there is no need to connect the UNIX Server to an external authentication system.  The entire 2FA authentication happens within the plugin for ease of use and deployment.

Why 2-Factor Authentication?

Logins to sensitive systems using standard UserID and Password is just not secure enough.  Simple network sniffing utilities such as tcpdump or freely-available hacking / phishing tools from the Internet will easily enable a malicious user to get hold of the login credentials of an inattentive or overworked system administrator. This is where 2-factor authentication becomes important.  By using the DS3 2FA PAM plugin, the root or any other critical account can be configured to require both the password, as well as the OTP (One-time Password) in order to authenticate the administrator.  To obtain the OTP, the administrator can have a choice of either a physical hardware OTP token, a software OTP token running in Windows or even a software J2ME token running in the mobile phone.

DS3 2FA PAM Plugin

The DS3 2FA PAM Plugin is a standalone UNIX software module that can be installed in various flavours of UNIX.  It consists of a UNIX PAM module which performs the authentication of the OTP internally while allowing the password authentication to flow back to the UNIX system.  The verification of the OTP is based on the OATH HOTP standard RFC 4226.

The DS3 J2ME Midlet OTP for Java-enabled mobile phones is available for download here

Please click here to download an evaluation copy