https://www.sans.org/white-papers/36087/
This SANS whitepaper discusses the theory behind user-based two-factor (or multifactor) authentication systems, also known as “2FA”.
https://www.sans.org/white-papers/33093/
This SANS whitepaper focuses on enterprise solutions for two-factor authentication.
https://www.schneier.com/blog/archives/2005/04/more_on_twofact.html
More on two-factor authentication and its ineffectiveness as a defense against identity theft.
https://oit.alabama.gov/wp-content/uploads/2022/07/Policy_678_System_Maintenance.pdf
This example policy from the State of Alabama provides a starting point for system maintenance.
https://www.stigviewer.com/stig/network_device_management_security_requirements_guide/
This Security Requirements Guide (SRG) is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the NIST 800-53 and related documents.
http://symantec.postclickmarketing.com/Global/FileLib/White_Papers/Whitepaper_TFA_A_TCO_Viewpoint_(1000_users).pdf
This whitepaper is directed at IT, Security, and Compliance workers who are responsible for recommending or evaluating security products, or for running and managing two-factor authentication infrastructure.
https://it.tamu.edu/policy/it-policy/controls-catalog/controls/IA/IA-4
This is an example of an identification and authentication policy for Texas A&M.
https://it.tamu.edu/policy/it-policy/controls-catalog/controls/IA/IA-6
This example policy describes how information resources shall obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Texas A&M Policy: Identification and Authentication (Non-Organizational Users) (IA-8)
3.5 3.5.1 Identification and Authentication
https://it.tamu.edu/policy/it-policy/controls-catalog/controls/IA/IA-8
This example policy describes the configuration of resources to uniquely identify and authenticate users not affiliated with the university who are permitted to utilize university information resources.
Texas A&M Policy: Identification and Authentication (Organizational Users) (IA-2)
3.5 3.5.1 Identification and Authentication
https://it.tamu.edu/policy/it-policy/controls-catalog/controls/IA/IA-2
This example policy describes the capability for information resources to uniquely identify and authenticate university faculty, staff, students, and other approved users.