Our certificate management tool allows you to protect the use of certificates with different protection mechanisms or authentication factors. You can combine them in different ways, and they may be associated with different Security Policies.
How Authentication Factors Work
Whenever access to a user’s Digital Certificate is requested, Fortress steps in and asks the user for authentication based on one or two Authentication Factors that the user has active among. Authentication Factors can be associated with:
- Users
- Working Groups
- Client Systems (APIs)
The administrators of a Working Group or a Client System may decide which Factors their users may use, and among those enabled for each case, Users may choose one or more to protect their Certificates.
When you decide to use 1 or 2 Authentication Factors
A user may define in the configuration of his profile the use of 1 or 2 Authentication Factors, however, if the use of the centralized certificate has been requested by a Client System, integrated with Viafirma Fortress, The security policy defined by said System shall prevail, that is, if the request requires the use of 2 Factors, the user must use them even if in his personal configuration this option was not activated.
Combination of 2 Authentication Factors
When the use of a centralized Certificate with double Authentication Factor is required, the user will not be able to make use of 2 Factors of the same category. The categories of Authentication Factors supported are:
Something I know
- Password
- Password
- LDAP
Something I have
- SMS OTP
If you want to know more about these features you can write to us. We will be happy to help you.