MFAProxy: A reverse proxy for multi-factor authentication
Date
Authors
Major Professor
Advisor
Committee Member
Journal Title
Journal ISSN
Volume Title
Publisher
Authors
Research Projects
Organizational Units
Journal Issue
Is Version Of
Versions
Series
Department
Abstract
Multi-factor authentication has been shown to be an effective method to reduce the risk of remote attacks, because it prevents many attackers from easily gaining an initial foothold into an organization. Many sites only support single factor authentication based on passwords which have well known weaknesses. This paper describes MFAProxy, a reverse proxy that adds multi-factor authentication to sites that currently do not support it. The proxy can be deployed in a variety of configurations within a network to meet specific security goals. It supports flexible combinations of several factors including passwords, one-time passwords, and tokens based on public-key cryptography. Each of these factors offer a unique balance of security and usability that must be considered when an organization deploys multi- factor authentication.