This is one of 4620 IT projects that we have successfully completed with our customers.

How can we support you?

Weißes Quadrat mit umrandeten Seiten rechts oben

2-factor authentication web portal

Project duration: 9 months

Brief description

The web portal, which can be accessed via the open Internet, is used by customers to manage order data. The web portal is multi-user capable and some users have extended rights. Since there is potential for abuse with these administrative accounts, according to the security pentest carried out, the administrative accounts should be secured using 2-factor authentication in order to keep the risk of abuse from outside as low as possible. The implementation of this functionality and the quality tests of the implementation have been carried out by us.

Supplement

The web portal is implemented using the ASP.NET web application framework. All data is persisted in a SQL Server Express database. The ASP.NET framework is also used to integrate the 2-factor authentication into the web portal as smoothly as possible. The processing of the 2-factor authentication is limited to the server side without exception. This task is carried out by the server-side processing of the data via the class libraries of the ASP.NET framework. The newly created functionality supports the implementation of a so-called two factor authentication. This means that the user has to identify himself with two independent factors. This is a password and a code that the user receives by email.

Subject description

If 2-factor authentication is activated for a user account, the user must identify himself with a further so-called verification code after the password has been successfully checked. The verification code is generated by a random generator. The code is sent by email to an email address stored for the user. After the user has authenticated himself with the verification code (token) created for him, ASP.NET generates a temporary cookie that describes the user. This authentication is checked for validity every 30 minutes by default.

Overview

Project period06.01.2020 - 30.09.2020

Have we sparked your interest?

Jetzt Kontakt aufnehmen

Zum Umgang mit den hier erhobenen Daten informieren wir in unserer Datenschutzerklärung.

Contact now

We provide information on the handling of the data collected here in our privacy policy.

Download file

We provide information on the handling of the data collected here in our privacy policy.