Duo Mobile is a third party tool that adds another level of authentication. It works very well.
Why would you want this? If you are a company that has workers VPN into the company, a password isn’t enough for security. Passwords can be guessed, and issuing an RSA token can be expensive. I believe that the per person cost used to be around $50. With Duo Mobile, its an iPhone App and an email comes to you and once you accept the email, you are setup. So easy!
This is also helpful when you might work with an outsourced security provider. Having a second layer of authentication ensures that no social engineering will happen. It also is more friendly since people don’t have to remember to haul around a physical token generator(RSA token).
Am I telling you passwords aren’t secure? Yes. It has always been the preference of IT departments to have both a password and something that is unique to you. I personally like fingerprint readers and so on, but for many companies they don’t go that route. They tend to like RSA systems like a key fob that randomly generates a number to enter. Which is fine, it just is hated by people who have to use it and annoying.
Many times companies struggle with finding a secure way to authenticate people. I have seen many attempts in companies to move beyond passwords. It is a struggle. However it is clear that passwords are the worst form of authentication. With all the password hacks, and people using the same password in many services using passwords is at a critical point. There has to be something better.
I have personally tried other kinds of authentication and found them lacking. I have tried third-party alternatives but the problem is support. What would help the IT industry is a non profit, totally trustworthy company that could be responsible for this key piece. I think the problem with proprietary solutions is that it is a political battle. No company trusts the motives of other companies enough.
Duo Mobile so far is the best that I have seen that makes it relatively easy for people. Perhaps it might work for you?