Two-Factor authentication

i’ve been looking around for a two-factor authentication remote access for my clients as we had to be PCI compliant with our payment applications and some clients would like the ability to remote log in to the server. most solutions such as RSA servers which require RSA FOBs which are very $$$$$ (my company uses this currently).

i found a really cheap solution - FREE! And no, I’m not affiliated/working with them in anyway (hope they will give me some sort of ‘advertising fee’ though!)

anyway, i digress - has anyone used if you have, i’d like some feedback on this…

apparently here is how it works:

two-factor authentication means what you know (ie. your username and psw) and what you have (like a smart card/rsa token, that expires after use etc)

you can install a phone factor agent on your computer and configure it for any web banking login,’s remote access… what it does is add a second layer of authentication (what you have, in this case, your mobile phone or any phone really).

  1. Log in to your web account as normal
  2. You get a phone call and have the option to enter a PIN# that you’ve preset or press # key
  3. You’re in

on their website, they mentioned that they’re able to call up to 30 countries, but i couldn’t find the link for which countries. not sure if it will work with Taiwan.

i’ll be testing it on my test server on test web accounts and what not, but would like to know what other people’s experiences have been…