Passwordstate Flexible Authentication Options

Authentication Options

Every organisations has different core infrastructure, and along with that, different requirements for authenticating against their IT Systems.

Passwordstate offer two base forms of authentication - Active Directory Integrated, and Forms-Based Authentication, with 15 additional secondary forms of authentication - including various two-factor authentication options.

Active Directory Integrated Authentication

Passwordstate leverages the investment your have made in your Active Directory implementation, and fully supports multiple Active Directory domains and forests.

In addition to importing user credentials direct from Active Directory, Passwordstate also uses the authentication mechanism inherent to Active Directory & Internet Information Services.

When using Active Directory Integrated Authentication user's are not required to provide any login details to authenticate to Passwordstate - their browser passes through their already logged in credentials to the web tier, which then passes on to the database tier for validation.

Manual Active Directory Authentication

Manual Active Directory Authentication

If you prefer not to use "Pass Through" Active Directory Authentication, you can choose to use Manual Active Directory Authentication. Manual authentication requires the users to first manually authenticate using their AD username and password.

Two-Factor Authentication with EMC's RSA SecurID

RSA SecurID Two-Factor Authentication

Make use of the leading two-factor authentication solution, and require your users to authenticate using RSA's SecurID tokens - http://www.emc.com/security/rsa-securid.htm.

AuthAnvil Two-Factor Authentication

AuthAnvil Two-Factor Authentication

Passwordstate also supports Scorpion Softwares Multi Factor Authentication solution for two-factor authentication - http://www.scorpionsoft.com/software/multi-factor-auth.

Duo Push Authentication Two-Factor Authentication

Duo Push Authentication Two-Factor Authentication

Make use of the leading cloud-based two-factor authentication solution, and choose Duo Security's Push Authentiation - https://www.duosecurity.com/.

Email and a Temporary Pin Code

Two-Factor Authentication using Email and a Temporary Pin Code

When you first authenticate to Passwordstate, a temporary Pin Code can be emailed to an email address of your choice (could even be an SMS Gateway). The Pin Code is only active as long as the time period as specified by your Passwordstate Security Administrator(s).

Two-Factor Authentication with Google Authenticator

Two-Factor Authentication with Google Authenticator

Google provides a free two-factor authentication solution called Google Authenticator, with authentication software available for most mobile clients - https://code.google.com/p/google-authenticator.

Forms-Based Authentication

Forms-Based Authentication

If your preference is not to use the Active Directory Integrated authentication method, you can opt for Forms-Based authentication. With Forms-Based authentication, there is no reliance on AD at all, and users must supply username/password every time they wish to use Passwordstate.

Please Note: When using Forms-Based authentication, synchronizing Security Groups with Active Directory is not possible. Local Passwordstate Security Groups are still available.

ScramblePad Authentication

ScramblePad Authentication

When using Active Directory Integrated authentication, you also have the option to enable a secondary ScramblePad authentication. Individual users can enable ScramblePad authentication, or Security Administrators can elect to make it mandatory for all users.

ScramblePad Authentication works by assigning a Pin number to a user's account. When asked to authenticate, the user must match their pin number against a series of randomly generated letters.

Passwordstate Flexible Authentication Options