What is authentication and why must an application employ such solutions?
Authentication is a way of proving your identity. In other words, when you log in to a website using a username and a password, you are authenticated.
Websites and other services need to authenticate their users so that users can take advantage of the service and so that no malicious person with bad intentions (a hacker) can act on your behalf or gain access to your personal data.
Why would one need an application for this?
Memorizing passwords isn’t fun, and it is frustrating when a password is forgotten and needs to be reset. To solve this issue, many people use password managers. Password managers revolutionized the way people authenticate: they made it simple and, if utilized properly, increased security to a degree by allowing users to create strong and different passwords.
This approach solves a few issues:
1. Use of a weak password (this makes users vulnerable to different attack vectors; a common one is the so-called brute-force attack).
2. Reuse of the same password (this is dangerous because it has a cascading effect: if for some reason a website is hacked, all your other accounts are compromised).
First of all, security.
3. Inconvenience of memorizing passwords.
Even though password managers make authentication less painful, it is still not enough. Password managers store all passwords in their database(s), which means you are putting all your eggs in one basket. Actually, it means not only your eggs are in one basket but also the eggs of other users. All this deliciousness is very attractive to hackers, and in fact there have been a few successful attacks on password managers.
This is not only a password manager’s issue; it is a universal problem for websites and services. Even the strongest password cannot protect users from being hacked, and to improve security many companies employ an additional layer of security, or even a few. The most common approach is Two-Factor Authentication (2FA); some may even employ Multi-Factor Authentication (MFA). 2FA simply means that a user has to go through an additional step of authentication. Usually, one or more of the following approaches are utilized:
- Something you have (e.g. device, key, bank card, etc.).
- Something you are (e.g. fingerprint, eye iris, voice, etc.).
- Something you know (e.g. password, PIN, TAN, etc.).
There are many solutions out there with a similar approach, but they are all complicated and not very convenient. A user has to go through a few steps in order to set applications or web solutions up, and besides, a user has to manually enable 2FA for all websites or web services:
- Sign up on a website using an email and a password (repeating the password and filling in additional fields).
- Verify the email.
- Enable 2FA (if available on the website). This usually means a few additional steps:
  - Installing the authentication app if not already installed.
  - Adding the website to the authentication app:
    - Finding the 2FA option on the website.
    - Scanning a QR code or manually adding the code.
    - Verifying 2FA codes.
Since setting 2FA up, as well as logging in using 2FA, is a complicated process, not many users enable it.
What is the solution?
A process that is supposed to be seamless suddenly became so complicated that nobody actually takes advantage of this approach. Things get even more complicated if/when a user needs to reset the password, loses access to their 2FA, or wants to manage the accounts.
So what is the magical app that is secure, privacy-focused, convenient, and lacks the flaws mentioned above?
Introducing One account – a privacy-focused, secure, and convenient authentication system with built-in 2FA (MFA).
One account enables its users to take advantage of its one-click signup solution. That’s it! One click to sign up, and if 2FA is requested, it is an additional 4-digit PIN code for increased security. The best part is that the process is the same for all websites or services: a click to sign up, with no need to go through a complicated setup on every website or service. Moreover, there are no passwords; One account is completely password-less.
One account is more than just an authentication system: it is a full-fledged account management system, and everything you need to manage your accounts is in one convenient app. As the name implies, you have One account and services just make use of it, while you are in full control of every detail of the process and of the data that is shared. Doesn’t it make sense to use One account rather than trying to manage and keep secure each of dozens of unnecessarily created accounts on different services?
At this point, some may ask: don’t social login systems provide a similar solution? This is an excellent question and spot on!
There are a few problematic areas that can be highlighted here:
1. Since those solutions are tightly coupled with the provider, users are at risk of being banned and/or locked out of all their accounts. On a social website a user can be banned or locked out for various reasons:
- A comment or a post which the social website considers inappropriate.
- Suspicious activity.
- Malware on a user’s computer that sends requests to the website.
- The social website is banned in the user’s country.
- The social website bans users from a specific country.
2. There is always a risk that a website a user is logging in to is not trustworthy and will post on the user’s behalf on the social website, which can lead to problem 1: being banned on the social website.
3. Manual set up of 2FA on the social website.
4. Less secure: 2FA is only employed at the time of authentication on the social website, not when a user authenticates on a particular website.
5. Not privacy-focused at all, in fact, the opposite is true in most cases.
As you may have guessed One account doesn’t have any of those issues.
There is much more than those highlighted issues, but let’s skip them to keep this article short and focused. Instead, let’s highlight some of the features of One account:
1. Privacy-focused solution
We never store users’ data on our servers, which means that we never sell users’ data, as opposed to any social websites. We believe a user should be in full control of his/her data and should decide whether to share data or not to share it at all. It should also be transparent to users what data they have ever shared.
2. Secure by design
Since there is no data on our servers, we are not attractive to hackers, and thus we are secure by design. We put the eggs of each of our users into a separate basket, and therefore hackers will have a difficult time if they decide to hack One account. Of course, in addition to that, we exercise the best security practices available today, and we have several security layers throughout our system. We only allow secure means of transferring data, so even in transit it should be secure. We encrypt all databases on our mobile applications and sensitive data on the servers.
3. 2FA built-in
2FA adds another layer of security (currently the most secure way of authentication). One account’s built-in solution makes the user experience seamless. Security with no compromises.
4. Password-less
We hate passwords, as we are sure everyone does. So we thought: why not get rid of them? One account is password-less, thus users never have to worry about losing passwords, exposing them, forgetting them, or a website leaking their password. No passwords – no need for password managers.
5. One-click signup/login
Authentication should be as easy as it is secure. Our engineers worked really hard to make the process as frictionless as possible. Let us work hard and think of ways of creating the best-in-class authentication system while you enjoy the best authentication experience.
6. No need for CAPTCHAs
CAPTCHAs are needed to protect services from malicious users trying to bring down the service or harm it. At Oila Studio we believe this is unnecessary for a secure solution like ours. This means that if a service provides authentication through One account, the service never needs to worry about protecting itself, since One account has taken care of it. The company is happy and so are the users.
There are many other features that users and companies can benefit from using One account.
We are constantly improving our service to provide an even better experience for our users and businesses. We are open to all feedback and listen carefully to all of it. Please feel free to direct it to firstname.lastname@example.org or use the widget or contact forms on the website. The same can be used for any questions or inquiries about integration or any other matter.
Please check the website for more information: https://oneaccount.app.