2-Factor Authentication(2FA) for ASP.NET

Using Second Factor Authentication (2FA):

2FA (Second-Factor Authentication) is a security system that verifies a user’s identity by requiring multiple credentials. Rather than just asking for a username and password, 2FA requires other—additional—credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition. 2FA is an effective way to provide enhanced security for your ASP.NET applications.
Traditional usernames and passwords can be stolen, and they’ve become increasingly more vulnerable to brute force attacks. 2FA creates multiple layers of security to help increase the confidence that the user requesting access is actually who they claim to be. With 2FA, a cybercriminal may steal one credential but will be thwarted by having to verify identity in a different manner.

Key Features

Passwordless Login using Username

Allows users to log in using Username and OTP thus, preventing the need to enter Password.

User Self Enrollment

It offers inline registration of users so you can simply activate and configure the plugin and you are all set.

VPN/Windows Solution

Provides 2FA solutions for Open VPN, Palo Alto, Cisco Pulse, Windows , RDS and etc.

IP Restriction

Admin can limit users to login from specific IPs. It will provide additional security to the accounts.

Remember Device

User would get an option to remember the personal device and users can directly login with same the saved device where 2 Factor is not required.

Supports All Phones

All types of phones are supported Smart Phones (iPhone, Android, BlackBerry), Basic Phones, Landlines, etc.

Benefits

Strengthens Security

By requiring a second form of identification, SMS-2FA decreases the probability that an attacker can impersonate a user and gain access to computers, accounts or other sensitive resources.

Simplification of Login Process

You can login using username along with password and two-factor or username and two-factor.

Deploy quickly

It can be deployed for your entire userbase in minutes.

Multiple Authentication Methods

We support multi factor authentication for all type of phones such as Soft Token, QR Code Authentication,Push Notification are supported by miniOrange Authenticator App.

Highly Secure

If your phone is lost or stolen or discharged, we offer alternate login methods like OTP Over Email and Security Questions (KBA) and if your phone is offline, you can use a one time passcode generated by app to login.

Configure Google Authenticator

Google Authenticator method is supported by both Google Authenticator and Authy App. You can configure Google Authenticator method by Google Authenticator as well as Authy 2-Factor Authentication App.

Your choice of second factor

miniOrange authentication service has 15+ authentication methods.

One time passcodes (OTP) over SMS

OTP over Email

OTP over SMS and Email

Out of Band SMS

Out of Band Email

Soft Token

Push Notification

USB based Hardware token

Security Questions

Mobile Authentication

Voice Authentication (Biometrics)

Phone Verification

Device Identification

Location

Time of Access

User Behavior

You can choose from any of the above authentication methods to augment your password-based authentication. miniOrange authentication service works with all phone types, from landlines to smartphone platforms. In the simplest case, users just answer a phone call and press a button to authenticate. miniOrange authentication service works internationally and has customers authenticating from many countries around the world.

2FA for ASP.NET Applications