Introducing LoginTC Chrome: World’s first non-OTP 2-factor authentication Chrome app
April 08, 2015 • Ilana Belfer
We did something pretty revolutionary this week — so don’t mind us if we gloat! We officially released the world’s first non-OTP 2-factor authentication Google Chrome app, LoginTC Chrome.
What is LoginTC Chrome?
LoginTC Chrome packs the same tried and trusted features as LoginTC Mobile: it’s a highly secure, simple-to-use two-factor authentication (2FA) solution that’s scalable to millions of users at costs way lower than competitors. However, instead of leveraging your existing IT infrastructure plus mobile devices for 2FA, it leverages your investments in desktop or laptop computers via Google Chrome.
Why is LoginTC Chrome revolutionary?
Choice. Which device will you choose to enable with LoginTC — smartphone, tablet, iPod touch, or PC? We can’t stress the importance of user empowerment enough. When users are empowered to be the guardians of their own online security and that of their company, user adoption skyrockets and so does the level of protection organizations can achieve. At the same time, training and administrative headaches take the plunge because everything sails smoothly when 2FA feels like second nature.
Fills Industry Gaps. It is heartening that the authentication industry is moving away from legacy methods of 2FA (such as hard/soft tokens and PKI certificates) and embracing the convenience of tokenless or phone-as-token solutions. However, gaps still exist within those systems. Even in a BYOD (bring your own device) context, there are end-users who do not wish to use their personal smartphones for work purposes, and there are businesses that do not wish to issue mobile devices to all their employees. Then there are people who would simply prefer to use a computer rather than a mobile for authentication. We grant them that permission. This expands the reach of 2FA and resolves any barriers to its deployment, as well as to the implementation of BYOD.
Non-OTP. The other issue with many state-of-the-art 2FA systems is that they are OTP-based. By instead opting for Secure Remote Password protocol, we’ve eradicated the inconvenient, unsecure and expensive measures that might exist as part of one time password based 2FA, such as: codes that can be copied or replicated on other devices, racing against the clock to type in an OTP, unreliable and geographically-limited SMS channels and supplementary hardware requirements.
User Experience. We’ve already provided users who sign in to corporate resources (e.g. VPN) on their phones (e.g. via Cisco AnyConnect) with a seamless, safe single-screen sign on experience. You can read more about that here. But don’t the majority of us sign in to online accounts on our computers? We thought it was high time we make that user experience seamless, safe and single-screen sign on as well.
How does LoginTC Chrome work?
It’s really simple! Administrator-provisioned users just “add” the LoginTC app to their Google accounts through the Chrome Web Store. When you log in to a LoginTC-protected asset (e.g. VPN) with your first factor credentials (username and password), a second-factor access request is sent to your corresponding desktop or laptop via Google Cloud Messaging. Deny or Approve with the click of a mouse!
To download the app for free right now, click here.
ATTN Admins: Find out what has to happen on your end here.We promise, our solution is just as easy for admins to configure as it is for end-users to use.
Does LoginTC Chrome still count as 2-factor?
Absolutely it does! Good question, though. Even though Google Chrome is accessible from any browser, LoginTC creates a secure point to point session between its services and one specific computer per user. Therefore, your usual username/password act as your first-factor credential, and the paired PC turns into your strong second-factor credential.
Can I use LoginTC Chrome? How?
LoginTC Chrome works with all PC platforms that run Google Chrome: Windows, OS X, Linux, and Chromebooks. On the back-end, our Connectors integrate with any RADIUS-speaking VPN, as well as IAM or WAM systems and CMS. Browse our docs and find the Connector that works with your infrastructure. You’ll find detailed, custom step-by-step instructions directed at admins there.
For support, check out our FAQ and if you can’t find your question, email support@cyphercor.com. We’ll get back to you right away. You can also start by conducting a Proof of Concept with our free Starter Package for up to 10 users.