Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Features

2 Factor Authentication Methods

The Bingo Card (Static Grid Card) is a 2 (Separate) Factor Authentication solution and is definitely a step up the security ladder. Look at the following and then I'll explain.

2 Factor Authentication Methods2 Factor Authentication Methods

The user is first prompted for a username and password as normal. Then a challenge is received to derive values from the grid card:

2 Factor Authentication Methods

Now we have a number of individual factors that determine a successful outcome. This fact renders it very resistant to phishing. The only snag here is administration - each time a set of co-ordinates is used, they cannot be used again or security degrades. This is further restricted by the size of the card, and the amount of data that it can contain.

TAN Lists Transactional Access Numbers (TANs) are considered to be a weaker form of grid card than the bingo cousin above. They are in the 2 (Separate) Factor Authentication solution category. A TAN list is a series of numbers of varying length (chosen by the creators) entered on a card.

2 Factor Authentication Methods

A user might be prompted for details as follows (note that this example does not use the TAN list above):

2 Factor Authentication Methods

Having entered a username (or number in this case) and password, the user is prompted to select a number from the TAN list and enter it. This is a popular solution in EU countries.

Mobile Phone SMS Passwords are another form of a 2 (Separate) Factor Authentication, in which one-off numbers are sent via SMS to your mobile phone when logging in. The user registers their mobile phone with the site, and at login time, the SMS message is sent containing a password or PIN. The user enters that unique data as a factor in the login process.

This service can be constrained by the ability of the phone carrier to route SMS messages through in a timely fashion, and to provide coverage to the location from which the user is connected to the Internet. Of course, there is also the somewhat relevant point that not everyone owns a mobile phone (surprising, but true!)

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi all,I need your suggestion for a router upgrade.Actually I'm using an RT-AC66U (Mipsel/Single Core) with Entware-NG.All worked fine, even if I'm st...
My headless server is placed on the attic with only power and ethernet, it has a old static IP assigned from within windows, so it now faults to a 16...
Hi, today I found that when adding a specific DNSFilter rule for my laptop, the router (RT-AX88U) was still using the 'default' DNSFilter rule for the...
I'm running an SFTP server on one of my computers, connected via ethernet to my RT-AC68U running the latest Merlin firmware.When I access the server d...
Sorry for long post, but wanted to provide some background and how I have my routers setup...I have ATT as my ISP who provides the BWG210-700 modem/ro...

Don't Miss These

  • 1
  • 2
  • 3