In addition to more rigorous authentication of users on
log-in, two-factor authentication also provides protection against common
hacking strategies.
• One time use (to prevent “replay attacks”): To prevent a
hacker from capturing and reusing a numeric code while it is still valid,
SLIM-Collaborate’s authentication protocol prevents reuse of the
code.
• Mitigation of brute force attacks: A hacker could automate submission of the code and try every number from 000000 to 999999 within the 30 second period. We mitigate this by “throttling” the number of tries allowed. With this method, a hacker would have to keep trying every 30 seconds for over a year to have a good chance of breaking in.