One example involves a communications server providing communications services to remotely-situated client entities, wherein each client entity is associated with users and each user is associated with a communication device. The server may verify a first authentication factor for a user among the users, and generate a communication request that includes a first portion specifying at least one target endpoint associated with the user and a second portion associated with or indicating the security code and that includes a set of instructions which: are specific to the user, which specify how to communicate the security code for the user, and which specify different security codes for different types of communications. Via the server, the security code is sent to the user according to the set of instructions, and verified via a second authentication factor associated with or for the user by comparing input from the user to the security code.

Various embodiments are generally directed to performing an authentication persistence check and, based on the check, allowing a previously successful authentication to persist on a user apparatus. The check may involve a stability check on the user apparatus. If the user apparatus is stable, device fingerprinting on the apparatus may be performed, the result of which may be compared to a snapshot of apparatus taken at the time of successful authentication. If the comparison reveals changes or drifts that are within a predetermined threshold, then the persistence of the authentication is allowed.

A disclosed apparatus obtains emergency data for multiple device types from a plurality of emergency data sources and provides a jurisdictional map view to a plurality of emergency network entities, where each emergency network entity corresponds to a given geographic boundary. The jurisdictional map view corresponds to a respective emergency network entity's geographic boundary. The apparatus determines portions of the emergency data corresponding to emergencies occurring within each respective emergency network entity geographic boundary, and provides location indicators within each respective jurisdictional map view, with each location indicator corresponding to an emergency.

A method for securing and authorizing sensitive operations is described. A computing device may receive a first authentication factor from a second computing device based on a request from the second computing device to authorize an operation; upon validating the first authentication factor, send to at least the second computing device and a third computing device, a request for a second authentication factor; and authorize the operation based on validating the second authentication factor from the second computing device or from the third computing device, or from both.

Disclosed in various examples are methods, systems, and machine-readable media for exposing a Representational State Transfer (RESTful) interface to users whereby management commands on a datacenter may be issued remotely from the users' workstations for secure, remote management of the datacenter. An application task automation command (e.g., a POWERSHELL® command) is executed remotely by creating a proxy command (e.g., based on a POWERSHELL® cmdlet code) to cause the application task automation command to be executed when the proxy command is remotely invoked and deploying the proxy command to a remote computer, such as the user's workstation. The remote computer issues a request including a user identifier and any parameters for the application task automation command when the corresponding proxy command has been invoked by the remote computer. The datacenter determines whether the user is authorized to execute the application task automation command invoked by the proxy command, and upon authorization of the user, the datacenter computer runs the application task automation command with any parameters provided in the request to control configuration of, or data stored on, at least one computer in the datacenter.

A system is disclosed for pre-registering authentication devices. A security key provider system may receive a request to pre-register a security key with identified applications from an enterprise. Responsive to receiving the request, the security key provider system instructs the security key to generate a unique authentication code for each of the applications. The security key provider system may generate pre-registration information based on the authentication codes and pre-register the authentication codes of the security key to the applications by providing the pre-registration information to the applications on behalf of the enterprise. The security key provider system may instead provide the pre-registration information to the enterprise to allow the enterprise to pre-register the authentication codes.

Systems and methods for authorizing operations associated with blocked media assets using two-factor authentication. In some aspects, a media guidance application (e.g., executed by a set-top box or other user equipment used to store and display media assets) prompts a user for a password (e.g., a personal information number) in order to unlock the content for viewing. In response to receiving a second request from the user to perform an operation related to the media asset (e.g., delete), the media guidance application prompts the user for an additional factor confirming his or her identity, consistent with two-factor authentication protocol. If the user's identity is authenticated as a user that has authority to perform the operation related to the media asset (e.g., delete the stored media asset), the media guidance application performs the operation related to the media asset (e.g., deletes the media asset).

An authentication model dynamically adjusts authentication factors required for access to a remote resource based on changes to a risk score for a user, a device, or some combination of these. For example, the authentication model may conditionally specify the number and type of authentication factors required by a user/device pair, and may dynamically alter authentication requirements based on changes to a current risk assessment for the user/device while the remote resource is in use.

At an authorization server, a shared secret electronic key may be shared with a second computer. A selection to use a system to complete a transaction may be received from a first computing device. An image may be communicated to the first computing device. A digital representation entered by the user representing the image and a PIN based on the copy of the shared electronic key may be received from the second computing device. The system and method may determine if the digital representation entered by the user on the second computing device matches the image communicated to the first computing device. The system and method may determine if the PIN based on the copy of the shared electronic key from the second computing device is as expected. In response to determining the digital representation entered by the user matches the image and the PIN the second computing device is as expected, the user may be authorized.

A request is received from a user at a client to access a file of a set of files backed up to a backup server. Upon verifying a password provided by the user, the client is issued another request for authentication. A first data structure is received responsive to the request. The first data structure is generated using identifiers corresponding to a set of files at the client of which at least some presumably have been backed up to the server. A second data structure is generated. The second data structure is generated using identifiers corresponding to the set of files backed up to the server. The first and second data structures are compared to assess a degree of similarity between the files at the client and the files backed up to the backup server. The user is denied access when the degree of similarity is below a threshold.