In 2004 Bill Gates predicted "the death of the password," yet reusable passwords persist because pragmatic alternatives have proven elusive, especially for the average user. Two-factor solutions have historically been considered the best complement to reusable passwords, but have been either too expensive or too complex for broad use. Penn has identified a two-factor solution based on Google's open-source multifactor authentication software. This talk will review common two-factor problems and mistakes, how Penn's research and pilot programs led us to pick the right solution, and what options and features are critical to ensuring success.
Assoc CIO and VP for IT, University of Pennsylvania