Time-based tokens are the most appropriate authentication method for remote employees, providing strong security that works across SaaS and internal apps, is device agnostic, and has offline capabilities. Learn why time-based tokens are superior to usernames and passwords, biometrics, and SMS verification for secure remote employee authentication.
Table of Contents
Question
An organization wants to improve the company’s security authentication method for remote employees. Given the following requirements:
- Must work across SaaS and internal network applications
- Must be device manufacturer agnostic
- Must have offline capabilities
Which of the following would be the most appropriate authentication method?
A. Username and password
B. Biometrics
C. SMS verification
D. Time-based tokens
Answer
D. Time-based tokens
Explanation
Time-based tokens are the most appropriate authentication method given the organization’s requirements for remote employees.
Username and password authentication is not sufficient, as it does not provide strong security and can be easily compromised through techniques like phishing, password reuse, or brute force attacks. Passwords also do not have offline capabilities.
Biometric authentication, while secure, requires specialized hardware that is device and manufacturer specific. Biometrics would not work across the range of SaaS and internal applications employees need to access. Biometric data could also potentially be compromised.
SMS-based verification sends one-time codes via text message. However, SMS is not a secure channel and messages can be intercepted. SMS also requires connectivity and does not have offline capabilities. It may not be supported by all the applications employees use.
In contrast, time-based tokens meet all of the key requirements:
- Work across SaaS and internal apps: Time-based tokens can be integrated into logins for cloud and on-premises applications.
- Device agnostic: Tokens can be generated by software or hardware and work independently of the employee’s devices/manufacturers.
- Offline capabilities: Hardware tokens and some software tokens can generate one-time codes without connectivity.
- Strong security: One-time codes that change frequently provide much better protection than static passwords.
Therefore, time-based tokens provide the best balance of strong authentication security, broad application compatibility, device independence, and offline access compared to the other options. They are the optimal fit for enabling secure access for a remote workforce.
CompTIA SY0-701 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the CompTIA SY0-701 exam and earn CompTIA SY0-701 certification.