V. VPN (Virtual Private Networking)
ExpiredMobile One-Time Passwords (MOTP) Setup
Secure Two-Layer Authentications for Teleworkers and mobile VPN users
Teleworkers or remote users will typically have a password to log into your office VPN. Although this is quick and easy, if the user saves the password on their PC, writes it down somewhere or are seen typing it, your VPN and therefore your network is immediately compromised.
A single password provides just a single layer of security; only one fixed piece of information to crack, intercept or otherwise get hold of, and that piece requires only the user's memory. Once intercepted, an authorised person can log into your VPN whenever they wish. By introducing a second security factor, of a different type, you introduce a two-layer authentication. By different 'type' we mean that it cannot just be an extra password; it has to be something that uses a method other than the user's memory.
Your mobile phone as your key
Authentication devices are now commonly used for online banking to provide a second layer of security; instead of just a password held in the user's head, they also require some other real-time method of credential generation. Most commonly that is a small keypad or display unit to be carried around.
With DrayTek Mobile One-Time Passwords (MOTP), instead of carrying around an extra device, you install a program on your mobile phone and that becomes your authentication device. The guide below explains how to configure the router and gives an example setup one MOTP application, but the setup process with any other MOTP application will be similar.
MOTP
Authentication Device Setup
To use MOTP an MOTP application needs to be installed on the users phone and then synchronised with the router. MOTP applications should be widely available on the retrospective stores (Apple App Store, google play etc) for device to be setup. In this example we use mOTP from the Apple App store.
Generate a 32 character secret key, normally the application will provide a way to create a random one automatically, in the case of mOTP the phone should be shaken to generate the random key. The secret will be needed when setting up the router, so take a note of it for use later. Choose and memorise a 4 key pin (you don't need to enter this in the setup) and that's it. The next step is to setup the router as explained in the other tab.
- First Published: 18/03/2013
- Last Updated: 22/04/2021