Fortinet FortiToken Two-Factor Authentication

Passwords alone don’t keep unwanted guests out of your network. Nowadays, they’re just not enough. Password-only authentication has led to security breaches, malware infections, and policy violations. With one time password makers like FortiToken Two-Factor Authentication, a password is used along with a security token to provide far better security. Authorized employees can access company resources safely using a variety of devices, ranging from laptops to mobile phones. The only other thing you need is and authentication server, and any FortiGate has that already built in.

FortiToken Mobile and hardware OTP (one time password) Tokens fully integrate with FortiClient, and protected by FortiGuard. They leverage direct management and use within the FortiGate and FortiAuthenticator security platforms. And, these two factor authentication solutions are easy to manage use.

These comes as either an app for your mobile device (FortiToken Mobile), or as hardware. In the latter, it is a time based OTP token.

FortiToken Mobile

FortiToken Mobile is an OATH compliant OTP generator application. It supports both time based and event based tokens.

FortiToken makes Android, iOS, and Windows mobile devices behave like a hardware based OTP token without the hassle of having to carry yet another device. Push notifications show details on the mobile device to approve or deny with one tap. It is the client component of Fortinet’s highly secure, simple to use and administer two factor solution for meeting strong authentication needs.

And, FortiToken can also integrate directly with FortiGate Firewalls, including with high availability options; FortiToken Cloud offers a secure, effective way to manage two factor authentication for the FortiGate through an easy to grasp interface that you can get to from anywhere.

Best of all, the FortiToken Cloud service includes the FortiToken Mobile App with PUSH technology. This simplifies the end user two factor experience to a swipe or click to accept. As the second factor, FortiToken Cloud works with the FortiGate and does not interfere with the initial user name and password login process. There is no added hardware or software required.

Privacy and Control

FortiToken Mobile cannot change settings on a phone, take pictures or video, record or send audio, or read or send emails. Further, it cannot see browser history, and it requires permission to send notifications or to change any settings.

Additionally, FortiToken Mobile cannot remotely wipe a phone. Any visibility FortiToken Mobile requires is to verify the OS version to determine app version compatibility, that’s all.

FortiToken hardware

Or if you prefer, hardware OTP tokens can be used to prevent users’ passwords from theft via phishing, dictionary, and brute force attacks.

FortiToken devices are completely integrated with FortiClient and protected by FortiGuard. It is OATH TOTP compliant. There are a couple of options.

FortiToken 200B

The FortiToken 200B is a small, keychain sized device that is super simple. There is no software to install. Simply press the button and the 200B displays a secure one time password every 60 seconds. The password verifies user identity for access to your protected networks and applications. And there is an indicator on the screen showing the time left until the next OTP generation. The FortiToken 200BCD version ships with an encrypted activation CD for the ultimate in OTP token seed security.

FortiToken 220

The FortiToken 220 looks like a small credit card with a little LCD display on it. It has a pre-cut hole for a keyring, and operates the same way. Both FortiToken hardware solutions have large, easy to read displays, and long-life lithium batteries.

And then there’s the FortiToken 300

In addition to these OTP solutions, the FortiToken 300 is a high security PKI based token. It’s a USB device offering a variety of security capabilities. These include certificate based public key infrastructure (PKI) authentication, digital signing, encrypting/decrypting files such as emails and documents, VPN client authentication, and more.

The 300 ensures private keys are generated, stored and used internally in a secure chip. As a result, the keys are never at risk of theft. The FortiToken 300 token is FIPS 140-2 validated and fully certified to ensure this level of safety meets the highest standards. The FortiToken 300 token requires no drivers for most operating systems including Windows, macOS, and Linux. It is natively recognized by the OS, making it easy to use with no plugins necessary.

It bears repeating; Fortinet two factor authentication solutions are easy to manage and easy to use. They’re also very affordable, especially when you shop at Corporate Armor. If you have any questions or need help of any kind, please email us or call 877-449-0458. Thanks, and we can’t wait to serve you!

FortiToken Two-Factor Authentication highlights

Unique token service via FortiGuard minimizes provisioning overhead, ensures maximum seed security
Perpetual token license and unlimited device transfers eliminate annual subscription fees
Scalable solution leveraging existing end-user devices offers low entry cost and TCO
Reduces costs and complexity by using an existing FortiGate as the two-factor authentication server