If a phone or notebook is lost, the administrator can deactivate the token easily, and assign a temporary token to that user. The seed file will not be compromised in this situation, and you can set a pin number along with the token code to assure that someone who steals a phone will not be able to use their token, should they manage to have access to the username and password. PINs (Passwords; they can contain any number of any characters) can be set on the tokens; these PINs encrypt the seed file on disk. Deniable encryption is used, meaning the low entropy of most unlock-codes, PINs or passwords cannot be exploited to brute-force the seed-file, unlike our competitors. Furthermore, if you feel someone may be able to steal a device and then guess a passcode / PIN, Mi-Token's administrative flexibility is such that you can even allow users to unassign tokens from themselves via a website, as well as making it very straightforward for administrators to unassign tokens from users.
If the user loses the smart phone, or their notebook (where the backup of the smart phone is located), could the seed file be compromised?
Modified on: Tue, 4 Nov, 2014 at 10:08 AM
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.