Two-factor Authentication Solution For OpenID.

I use OpenID for my web and net wanderings. I am also implementing OpenID for two of my projects that needs universal authentication. In my view, of all the authentication solutions that we had for the net, OpenID has been the mana that we have been waiting for. So when I read today that myOpenID, my personal OpenID provider, has introduced CallVerifID TM, A method for two factor authentication for OpenID. It uses phonefactor service for phone based authentication.
If you are a myOpenID user, you can immediately start using it. This phone-based authentication service can use any phone (mobile or landline) as a second authentication factor. The user enters a myOpenID username and password as usual, then simply answers an automated instant telephone call and presses “#”. And that completes the authentication process.
Following is the press release by JanRain;
JanRain and Positive Networks have developed a phone-based, two-factor authentication solution specifically designed to support users of myOpenID. myOpenID, the most popular independent OpenID provider, is a free, fully featured, and secure solution for users who want their own personal OpenID identity. The new secure authentication offering, CallVerifIDTM, is available immediately to all myOpenID users and is based on Positive Networks’ PhoneFactor service. PhoneFactor is the leading phone-based authentication service and does not rely on text/SMS messages, tokens, certificates or the installation of hardware. OpenID is an open standard shared identity service, which enables users to log on to different web sites and applications using a single digital identity, eliminating the need to create and manage separate user names and passwords for each site. OpenID empowers users to control when, where, and how they share personal information. “As the adoption and usage of OpenID accelerates across thousands of websites and applications, it is becoming increasingly important to provide multi-factor authentication options, said Brian Kissel, CEO of JanRain. “Adding CallVerifID powered by PhoneFactor to the myOpenID service provides users with the best two-factor authentication solution available.” The new offering is based on the award-winning PhoneFactor technology and provides simple two-factor authentication and identity protection with far greater security than only using passwords. This phone-based authentication service can use any phone (mobile or landline) as a second authentication factor. The user enters a myOpenID username and password as usual, then simply answers an automated instant telephone call and presses “#”. This completes the authentication process. Complete two-factor authentication and identity protection is instantly enabled with no need for tokens, smart cards or certificates. CallVerifID is currently available for free to myOpenID users in the United States and many other countries, and as an additional service for business clients provisioning OpenIDs to both customers and employees. “Adding strong authentication to OpenID must be simple,convenient and very secure if it is to work for most people.This rules out most traditional solutions like tokens, but is ideal for a phone-based solution like PhoneFactor, said Tim Sutton, CEO of Positive Networks. “We think that the marriage of OpenID and PhoneFactor will be the first really scalable multifactor solution”.

Tags: OpenID, myOpenID, CallVerifID, JanRain