Multi-factor authentication

We take your data security very seriously.

A password alone is no longer reliable protection against unauthorised access. Passwords can be shared, guessed or intercepted during transmission. Although security is improved by frequently changing them and using more complex combinations, it does not solve the basic problem: Anyone who knows the password can access your data. A password does not guarantee that only a specific user can log in. 

Multi-factor authentication (MFA) boosts the security of your data. An unauthorised person with your password cannot access your files. The procedure ensures that only the original user is able to log in with their access data. MFA is recommended by the Federal Office for Information Security.

The MFA requires two independent factors as proof of identity. Knowing the password is the first factor, while a second factor ensures that only the authorised user can log in.

Authenticator apps make it very easy to use smartphones as a second factor. When logging in, besides the normal password, WINPACCS Cloud requires a one-time password which is generated via the second factor. This factor is not transmitted like a conventional password, and therefore cannot be intercepted and misused by third parties.

What are the key factors of multi-factor authentication in development cooperation?

MFA must be straightforward to set up and use to ensure worldwide user acceptance.

Logging on to desktop applications must be possible, even where there is no Internet connection and no mobile network.

It must be possible to manage and reset user access centrally at the administrator level.

Organisations that already use Microsoft Azure Active Directory to identify users across applications via single sign-ons should be able to continue doing so.

Multi-factor authentication features

  • First factor: User’s access data. If user names and passwords are incorrectly entered, it is not possible to immediately attempt further logins. These delays make it much more difficult to guess access data
  • Second factor: Optional authentication via Microsoft Azure Active Directory or any authenticator app that uses the open HTOP/TOTP standard (Google Authenticator, Microsoft Authenticator, Authy, ...).
  • With the authenticator app, users log in by entering a code generated by the app on their smartphone. This proves that the person trying to log in is in possession of the mobile phone (a second factor) of the specified user
  • The WINPACCS Cloud User administration enables the process to be easily and centrally managed and set up.

Where can I find more information?

Contact us to find out more about multi-factor authentication in WINPACCS.

We look forward to advising you and discussing any of your requirements.

back-to-top