miaa PolicyGate allows you to implement conditional two-factor authentication and enhanced password policies:
- demand the user to renew the password under certain conditions (and disallowing the reuse of passwords). Typical conditions are:
- expiration, i.e. after a fixed period of time
- aging, i.e. after a number of logins
- entropy, i.e. when the password is too weak
- lock-out, i.e. after suspect behaviour
- convert legacy password hashing into a more robust hashing algorithm
- enforce different password policies for different segments of users
- challenge a user with a second factor authentication, such as a sms text message, under certain conditions (step-up authentication)
miaa PolicyGate can also alert users in cases of suspect activity, such as too many failed login attempts, and in cases of known phishing attacks.
Please refer to On the use of passwords for some use cases.