Here’s SecurePass, a cloud-based service for multi-platform authentication based on One Time Passwords.

securepass

Password management inside a company is always one of the most delicated and debated topics, and it gets even worse as the number of employees and services to be managed grows. GARL, a Swiss company specialized in security systems, offers SecurePass, a centralized service for identity management.
This offer is composed of four different types of subscriptions that differ in the features included and, of course, the price. The entry-level offer (Personal) is free but has a maximum number of two users and only SSO authentication; as price increases, we have the Business, Enterprise+ and Service Provider plans; the details of the number of users included and the authentication modes supported are available at this link. We’d like to point out that all the prices are quite cheap (3 or 7 € at month per user).

The implementation uses a One Time Password (OTP) and Single Sign-On (SSO) system for unified authentication; a common smartphone or PC can be used as an authentication device, coupled with the free app SecurePass (available for Android, iOS, Blackberry, PC and Mac) that helps to have all the access tokens available without having a dedicated unit.
The device must be authorized using a procedure called Provisioning, then it can be used to generate a temporary 6-number password that is valid for circa 30 seconds.
Secure Pass prevede l’integrazione con i principali servizi che necessitano l’autenticazione remota online: VPN, Content Management Systems (CMS come Joomla e Wordpress) e applicazioni Web. E' possibile infatti utilizzare questo sistema per il collegamento sia a sistemi operativi Microsoft (con protezione dell'accesso e della connessione Remote Desktop verso macchine Windows Server e Desktop) sia a sistemi Linux (direttamente o tramite SSH).

Installation and first approaches

2 secure device2

We used the Business plan for our tests: as it’s a centralized authentication service, regardless of the specific system on which we’ll use it, the first fundamental step is the access to the account management panel. From this panel you can create users (admins or normal users) and Devices, that is, the devices on which you will authenticate with SecurePass; Devices are identified by an IP address (static IPs only), FQDN (Fully Qualified Domain Name) and a secret key. From the same panel you can monitor the state of the service and Provisioning.
The documentation of SecurePass is available in the personal area.

1 pgina local

 

 

 

 

We used SecurePass to protect the access on three different systems: Windows Server 2012 R2, Windows 8.1 and Ubuntu Server 14.04. SecurePass is easily installed on the Windows platform with pGINA, a fee application that acts as a medium between the user and the operating system and handles all the authentication management processes. pGINA uses a set of plugins - which are included in the installer. One of them is the RADIUS protocol, implemented in Secure Pass. The configuration of this particular plugin is not complex, indeed it just asks the reference server and some additional parameters to enable it. Once activated, we managed to connect to it even with remote desktop using the numeric password provided by the application on our smartphone.

The installation on Ubuntu is slightly less intuitive because it’s done through the command line instead of graphical interface. However only a few commands are needed to enable a functioning configuration: after that we were able to establish a secured connection via SSH.


Final thoughts

SecurePass contrasts with the use of a traditional password manager, of which it overcomes some main limits: the need of having it updated manually, the absence of a centralized control and the impossibility of having the complete control of the diffusion of passwords and users, for instance when some sets of credentials are shared among one or more employees or contractors.

Obviously an implementation of this kind has got some limits, which are fundamental to ponder upon when making a decision: on top of all, the need of an Internet connection. Besides that we must applaud GARL for having created a management infrastructure that is geographically redundant and extremely sturdy.

PRODUTTORE

SecurePass

About the Author

Lorenzo Bedin

Lorenzo graduated in Telecommunication Engineering and works as freelance IT consultant, after a period of training as systems analyst. Currently he provides hardware solutions, virtualized infrastructures and websites.

banner eng

fb icon evo twitter icon evo

Word of the Day

The term Edge Computing refers, when used in the cloud-based infrastructure sphere, the set of devices and technologies that allows...

>

The acronym SoC (System on Chip) describes particular integrated circuit that contain a whole system inside a single physical chip:...

>

The acronym PtP (Point-to-Point) indicates point-to-point radio links realized with wireless technologies. Differently, PtMP links connects a single source to...

>

Hold Down Timer is a technique used by network routers. When a node receives notification that another router is offline...

>

In the field of Information Technology, the term piggybacking refers to situations where an unauthorized third party gains access to...

>
Read also the others...

Download of the Day

Netcat

Netcat is a command line tool that can be used in both Linux and Windows environments, capable of...

>

Fiddler

Fiddler is a proxy server that can run locally to allow application debugging and control of data in...

>

Adapter Watch

Adapter Watch is a tool that shows a complete and detailed report about network cards. Download it here.

>

DNS DataView

DNS DataView is a graphical-interface software to perform DNS lookup queries from your PC using system-defined DNS, or...

>

SolarWinds Traceroute NG

SolarWinds Traceroute NG is a command line tool to perform advanced traceroute in Windows environment, compared to the...

>
All Download...

Issues Archive

  • GURU advisor: issue 18 - April 2018

    GURU advisor: issue 18 - April 2018

  • GURU advisor: issue 17 - January 2018

    GURU advisor: issue 17 - January 2018

  • GURU advisor: issue 16 - october 2017

    GURU advisor: issue 16 - october 2017

  • GURU advisor: issue 15 - July 2017

    GURU advisor: issue 15 - July 2017

  • GURU advisor: issue 14 - May 2017

    GURU advisor: issue 14 - May 2017

  • GURU advisor: issue 13 - March 2017

    GURU advisor: issue 13 - March 2017

  • GURU advisor: issue 12 -  January 2017

    GURU advisor: issue 12 - January 2017

  • GURU advisor: issue 11 -  October 2016

    GURU advisor: issue 11 - October 2016

  • 1
  • 2
  • 3
  • BYOD: your devices for your firm

    The quick evolution of informatics and technologies, together with the crisis that mined financial mines, has brought to a tendency inversion: users that prefer to work with their own devices as they’re often more advanced and modern than those the companies would provide. Read More
  • A switch for datacenters: Quanta LB4M

    You don’t always have to invest thousands of euros to build an enterprise-level networking: here’s our test of the Quanta LB4M switch Read More
  • Mobile World Congress in Barcelona

    GURU advisor will be at the Mobile World Congress in Barcelona from February 22nd to 25th 2016!

    MWC is one of the biggest conventions about the worldwide mobile market, we'll be present for the whole event and we'll keep you posted with news and previews from the congress.

    Read More
  • 1