HN2new | past | comments | ask | show | jobs | submitlogin

What are "authenticated devices"? The closest I can think of are client certificates being installed on the devices and used as a first-level of authentication. It could be anything from TLS client certificates to VPN certificates.


Yep, client certs installed on a device with verified boot and an account authenticated via 2FA would be a good start.


If you do it right (store the cert in a TPM) the device itself actually is a second factor so you don't need anything other than the device.


Wouldn't that require a browser plugin to login with?


You can have a SSO server that requires a TLS client certificate signed by your own internal CA, or you could put it behind a VPN authenticated with the certificate. Either way, with no custom software, you get device and use authentication.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: