2FA - MachCloud Blog

MachCloud is the first provider of its kind to introduce Zero Sign-On Authentication (and why that is a big deal)

Getting rid of passwords is the best way of keeping them out of criminals’ hands. Introducing Zero Sign-On, also known as passwordless authentication method, increases security by preventing incidents caused by weak, stolen or leaked passwords. It also reduces administration hassle by automating the login process. This article describes the introduction of Zero sign-on at MachCloud, and why we believe you should start using passwordless authentication as soon as possible.

We all want to be safer online. Passwords are a weak link in online security. Passwords can be guessed, stolen from the company’s server, leaked from a device or compromised if users share them.

By adopting passwordless technology based on private keys, user keys cannot be guessed or shared between users. Private keys cannot be stolen by hacking into a company’s server or database and the method is resistant to phishing attempts because they’re all unique to websites. They can’t be used on fraudulent lookalike sites.

Why is it needed?
Today we use multi-factor authentication and password managers storing new usernames/passwords for every login. Unfortunately, this means more hassle and isn’t sufficient as a measure to avoid security breaches. Increasing malware attacks, social engineering scams, and password sharing results in tens of billions of login credentials being exposed by data breaches. Passwordless authentication is necessary to keep criminals from taking over accounts using stolen username and password combinations.

How does Zero Sign-on Authentication actually work?
When you connect to a secure website, your browser and the server exchange encrypted messages to keep your communication private. This encryption is made possible through the use of cryptographic keys. Think of cryptographic keys as a pair of locks and keys. Just as you can unlock a lock with its corresponding key, encrypted data can only be decrypted with the corresponding cryptographic key. When you establish a secure connection, your browser and server generate a unique key. These keys are then used to encrypt and decrypt the messages that are sent between them.

The keys are also securely shared between your browser and the server using public-key cryptography. This ensures that only your browser and the server have access to the keys, making it extremely difficult for anyone else to intercept or read the messages being exchanged.
A passkey is a passwordless way to log in to apps and websites. A passkey is another name for a pair of cryptography keys generated by your authenticated device. A public key and a private key combine to create a passkey.

The website or web server stores your public key when you log in. The private key is only stored on your device. After your device authenticates your identity, the combination of the two keys grants you access to your account on the website. Passkeys are unique to each web server or website. Your PC or Mobile device that generates the passkey uses a biometric authentication tool, such as TouchID, to authenticate your identity. Windows Hello is a biometric authentication service offered by Microsoft that allows users to securely log in using facial recognition or fingerprint scanning. The result is that a secure login becomes as easy as scanning your fingerprint on a PC or Mobile device.

Apart from biometric data authentication, an extra layer of protection can be added with hardware security keys. These dongles can be USB keys, NFC keys, and Bluetooth keys.

MachCloud takes Zero sign-on Authentication security to the next level
Using passkeys, you can log into MachCloud’s Control Panel securely using the biometric authentication tool, such as TouchID (fingerprint reader). Activation is a simple 3-click action in account settings. One-time activation of Passwordless Authentication opens a security dialogue that asks permission to register the computer or mobile device. Each user adds their device using the Fingerprint reader and passkey system in the PC, such as Windows Hello. After device registration, the next logins of MachCloud’s Control Panel are as simple as scanning a fingerprint.

There is no need for the user to juggle multiple passwords and authenticators. This much simpler authentication process takes away the need to manage passwords among employees.

MachCloud – The robust platform for Calling in Teams Solutions

MachCloud is an all-in-one digital communication platform that is equipped with all the modern collaboration tools of today. It offers Calling in Teams solution. Its product, MachCloud Solution for Microsoft Teams®, provides simple and reliable solutions for cloud communication for Microsoft Teams. MachCloud Solution for Microsoft Teams® is a fully automated service for end-to-end encrypted calling in Microsoft Teams through Direct Routing.

Head to MachCloud to unleash the power of Microsoft Teams with a modern approach.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.

Tag2FA

Zero Sign-On Authentication

Get in touch !

Recent Posts

Tag2FA

Microsoft Teams security provides top-notch security features to its customers

Two-factor authentication – 2FA makes Microsoft Teams security reliable

ALSO READ: Unleash the power of Microsoft Teams with an existing PBX telephone system

MachCloud – The robust platform for Calling in Teams Solutions

Get in touch !

Recent Posts