There is provided an image forming apparatus having security against cyberattacks by establishing an authentication factor for a remote access user that is different from an authentication factor employed in multi-factor authentication of local access.

Discussed herein are devices, systems, and methods for zero trust endpoint network security. A method can include providing, by a ZTENS device, first data indicating the ZTENS device is communicatively coupled to a compute device, providing, by the ZTENS device and over a first communication channel through a web application of the compute device, one or more URLs, receiving, by the ZTENS device and over the first communication channel, data indicating a URL of the one or more URLs selected by a user of the compute device through the web application, communicating, by the ZTENS device a request for website data of a website associated with the selected URL, and receiving, by the ZTENS device, the website data and providing the website data to the compute device.

An image forming apparatus performs processing, which is different from multi-factor authentication processing, on remote access to a function on which the multi-factor authentication processing cannot be performed. In this way, remote access to an image processing function is enabled without performing the multi-factor authentication processing on the remote access.

The present disclosure provides various embodiments of systems and methods to securely authenticate a user. More specifically, the present disclosure provides embodiments of multi-factor authentication methods that improve both security and user convenience by using trusted secondary devices or peripherals (hereinafter “trusted devices”) to provide additional authentication factor(s) for verifying user presence/identity after an initial authentication factor has been used to verify user presence/identity. Unlike conventional multi-factor authentication methods, the additional authentication factor(s) provided by the trusted devices do not require user input or intervention.

Multi-factor authentication techniques are used to verify an identity of an audio-only caller requesting to join a video-enabled virtual meeting. A request for an audio-only caller to join a video-enabled virtual meeting is received from a phone device of the audio-only caller, in which the audio-only caller is using the phone device to call into the video-enabled virtual meeting. An authentication request is transmitted to the phone device to verify an identity of the audio-only caller. A response to the authentication request is received from the phone device and includes an authentication code generated based on the request for the audio-only caller to join the video-enabled virtual meeting. The identity of the audio-only caller is then verified using the authentication code and information associated with the phone device, and the request for the audio-only caller to join the video-enabled virtual meeting is allowed or denied based on the verification.

A wireless system can be used to authenticate a user device via proximity information of wireless network devices. The system can include the user device, the wireless network devices, and a server. At least some of the wireless network devices can be wirelessly connected to the user device and at least some other wireless network devices can be wirelessly unconnected to the user device. The server can use proximity information about the user device with respect to the wireless network devices to authenticate a user.

A technique is provided by which a user goes to a site and instead of the authentication system of the site going to their own databases to match an ID and password given by the user, because doing so is not secure, the site companies makes a call to an identity assurance score server (with ties to the ID-less and password-less system) and send a parameter such as a number. Then, based on that parameter (e.g., number or score), the identity assurance score server (with ties to the ID-less and password-less system, such as described hereinabove) sends a corresponding login protocol or factors to be satisfied to authenticate the user.

A method of performing user authentication includes by a service electronic device associated with a service, receiving, from a public electronic device, a request for a user to initiate a session of the service, generating a first security token, a first write token, a first read token, and/or a first delete token, sending the first security token, the first write token, the first read token, and/or the first delete token to a server electronic device, receiving, from the server electronic device, a key location identifier that uniquely identifies a memory location of a data store associated with the server electronic device where the first security token, the first write token, the first read token, and/or the first delete token are stored, saving the key location identifier in a data store associated with the service electronic device, generating a signed key location identifier, generating a machine-readable image that includes the key location identifier, the signed key location identifier and the first write token in an encoded format, and sending the machine-readable image to the public electronic device.

A system for contextual and risk-based multi-factor authentication having a multi-dimensional time series data server configured to monitor and record a network's traffic data and to serve the traffic data to other modules and a directed computation graph module configured to receive network traffic data from the multi-dimensional time series data server, determine a network traffic baseline from the network traffic data, and determine a verification score needed before granting access based at least in part by the network traffic baseline. A plurality of verification methods build up a user's verification score to required level to gain access.

An information processing apparatus, configured to function as a FIDO client, includes: a memory configured to store authentication device information indicating an authentication device usable in FIDO authentication using the information processing apparatus; and a processor configured to acquire the authentication device information from an authentication device information management server to present the authentication device information to an administrator, cause the memory to store the authentication device information indicating an authentication device that is selected by the administrator as being connectable to the information processing apparatus, and, in response to an authentication start request from a user for FIDO authentication, in a case where an authentication device used by the user is not included in the authentication device indicated by the authentication device information stored in the memory, restrict use of an authentication device used by the user.