In addition to user ID and password, additional protection will be achieved through the use of a further access component, the temporary code. This temporary code is generated new for each login by Visulox, transmitted to the user and verified by the system subsequent to being entered. Visulox doesn’t require any additional physical components and uses existing resources: mobile phone or Email system.
After a correct login with user ID and password, the user receives a temporary Access Pin (TAP) by SMS or email, with which the user can complete his/her authentication in the system. The TAP will be sent to the pre-stored address / phone number in the system. The user must therefore have access to his mobile phone or email account. Upon agreement, the user can also request a TAP from the service desk over phone.
The TAP is a code that has 4 – 12 characters, is randomly selected, is never repeated within a week and has a defined lifetime. Length, lifetime, interface and texts are configurable in Visulox – Policy Manager. Different TAP policies can be stored. Policies are hereby defined based on username, group membership and the remote IP address. The remote IP address is not the IP address of the client, but rather the IP address seen by Visulox. In most cases this is the NAT’ing router and thus an official IP address. The policies can therefore be tailored to used communication paths. For example, if the user works in the internal network, the need for TAP will be waived, in the event that the user works from a remote workstation over the Internet, the user will only be granted access with TAP.
Phone numbers and email addresses are provided through the User Repository. Each potential user can be equipped with an access possibility, even if the user rarely logs in. The resulting license costs for Visulox are limited to users working at the same time.