CA Strong Authentication Windows Installation Guide › Introduction › Plug-ins

Plug-ins

CA Strong Authentication provides the following out-of-the-box authentication methods:

• CA Auth ID

  CA Auth ID is a CA-proprietary secure software credential that provides two-factor authentication. An CA Auth ID is a small data file that by itself can be used for strong authentication to a variety of clients such as, Web or Virtual Private Networks (VPNs).

  See "CA Auth ID Key Concepts" for more information about CA Auth ID.

• Password

  The user is issued a username and a password to log in to the system.

• One-Time Password OTP/Activation Code

  One-time password is another credential generated by CA Strong Authentication Server. An OTP/Activation Code can be numeric or an alpha-numeric string. It can be configured as many times it is used.

• OATH-Compliant One-Time Password

  One-time passwords that are complaint to Open Authentication (OATH) standards. CA Strong Authentication supports both counter-based OATH OTP Tokens (HOTPs) and time-based OATH OTP Tokens (TOTPs).

• Question and Answer

  Question and Answer (also known as QnA) is a challenge-response authentication mechanism. Users authenticate to CA Strong Authentication Server by providing correct answers for the questions they are asked. These Questions and Answers are set by the users themselves during registration.

• CA MobileOTP

  CA Auth ID OTP is compliant to OATH, Europay, MasterCard, and VISA (EMV) standards. If your application is integrated with CA Auth ID OTP, then it accepts the user’s password as an input and generates passwords (also known as passcodes) on the users’ device. The user submits this passcode to authenticate to your Web application. Based on the authentication result, user is granted or denied access to the protected application.

  Passcode generation is an offline process, which means that your application need not be connected to CA Strong Authentication for generating passcodes.

• LDAP Username-Password

  CA Strong Authentication supports LDAP authentication, where the user credentials in the directory service are used to authenticate users.

You can issue one or more of these credentials to your users. You can also issue multiple credentials of the same type.

To extend the default authentication mechanisms, write Plug-Ins.