GATEKEEPER BLOG

Authentication solution provider

What is Authentication Intent?

Authentication intent is a specific action required by the user intending to login. IT admins also use intent to reduce unintended login risks. Examples of requiring authentication intent include typing in an OTP, inserting a USB, scanning a token, pushing a button, and perhaps biometrics. NIST Special Publication 800-63B 5.2.9 defines “authentication intent” as the following:

“An authentication process demonstrates intent if it requires the subject to explicitly respond to each authentication or reauthentication request. The goal of requiring intent is to make it more difficult for directly-connected physical authenticators (e.g., multi-factor cryptographic devices) to be used without the subject’s knowledge, such as by malware on the endpoint. Intent SHALL be established by the authenticator itself, although multi-factor cryptographic devices MAY establish intent by reentry of the other authentication factor on the endpoint with which the authenticator is used.”

GateKeeper authentication options.

Authentication intent is important to determine when a user is attempting to login to an account. GateKeeper Proximity tokens have multiple options for smarter authentication intent to login to computers and websites (all options require the presence of the user’s assigned GateKeeper token). Each authentication intent method fills the particular needs of IT managers in different industries. Some end users need a hands-free login method. Other users need stronger security but unimpeded logins.

  1. Type PIN to login.
  2. Touch your token to the USB reader to login.
  3. Press the Enter key to login.
  4. Login automatically based on presence.
  5. OTP

Using 2FA is crucial to strong security. But 2FA can also contribute directly to productivity. Most traditional 2FA solutions actually cost end users more time and effort to login. But not GateKeeper. Check out how one U.S. manufacturer increased productivity on the factory line by deploying smarter authentication intent using GateKeeper proximity tokens. The facility’s 400+ users save over 240 hours of login time per month. Using the right authentication intent option, IT admins can empower users to login faster than ever. You can read about more organizations that have deployed advanced 2FA from hospitals to banks on our white paper/case study section.

Making 2Fa easier for end users makes security stronger by nature. What’s the point of having an expensive security system that users don’t understand how to handle? A solution that is easy to adopt and use will be more effective than a “powerful” tool that doesn’t propagate very well. For example, NIST now recommends that admins don’t require passwords to expire and simply use longer and more complex passwords. Only change a password when there’s evidence of an incident.

Two factor authentication providers with dynamic authentication intent options.

Capterra Best Value for Authentication Jun-20
Capterra Ease of Use for Authentication Jun-20

See GateKeeper Enterprise advanced MFA in action.

Take a self-guided tour of how you can evolve from passwords. Then you're really saving time with automation.