Combine Sophos SafeGuard Disk Encryption's Challenge Response with a mobile phone

  • Article ID: 109325
  • Updated: 29 May 2009


Product
Sophos SafeGuard Disk Encryption 4.60

Client OS

Windows 2000 Professional SP4, Windows XP SP3

Server OS

None

Question

How can I be sure that the user, who requests a Sophos SafeGuard Disk Encryption response code, is the right one (authentication)?

Answer

It could be a concept to combine the Challenge Response feature with a mobile phone to overcome the necessity to authenticate the user to the helpdesk.

Often a helpdesk has the problem, that they don´t know the person on the phone, if they want to reset the password.
So the procedure could be as follows: After a user requests (phone call) a new password from the helpdesk via challange response, the helpdesk would ask for the name (and also necessary further information) and will send the response via SMS to the mobile phone.

There are many providers who offer free SMS, or you must pay for a guaranteed time frame. Another advantage is that a user recognizes that somebody tries to hack his password.


keywords: sde

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments