FAQ

General Information

What is 2-factor authentication (2FA)?


2-factor authentication (2FA) is an authentication process that is comprised of two elements. The first is something you know, such as a password. The second is something you have, usually a security token or a smart card. 2FA increases your security because if a hacker manages to steal one factor—like your password—they won't be able to gain access without the second factor.




Why do I need 2-factor authentication?


2-factor authentication (2FA) greatly increases your identification and access security by adding a second "factor" to the authentication process. 2FA helps protect crucial data and information such as bank accounts and confidential records without the need to manage multiple complex passwords.




Why is it not secure to rely solely on passwords?


Advancements in technology means hackers have many easy ways to steal static passwords. Common attacks include malware, phishing, Man-In-the-Middle (MITM) attacks, and much more. If the password you use is static, it never changes, which makes it possible for hackers to steal it and use it to access your internal networks. This is why using a second factor to secure your account access keeps you much safer.




What is U2F?


U2F, or Universal Second Factor, is an open authentication standard created by the FIDO Alliance designed to let you securely sign in to a number of web-based services. It's effective at combating real-time attacks such as Man-in-the-Middle (MITM). Learn more.




What browsers support FIDO protocols such as U2F?


Google Chrome ver. 38 or higher fully supports FIDO protocols and compatible applications and services. Mozilla Firefox Quantum (60.0 or higher) will support U2F if security.webauth.u2f is toggled to true in about:config. However, support for all U2F-compatible applications and services is not guaranteed. Make sure you are familiar with modifying Firefox's configuration before doing so. We recommend Google Chrome when using FIDO U2F.





Buying Hypersecu Products

What locations do you ship to?


We ship globally using Canada Post, UPS, or FedEx. All destinations are subject to the availability of these carriers, as well as exporting regulations where applicable.




Do you have an online store for purchasing your products?


Your online purchasing experience and security is our top priority. We use industry-leading e-commerce service providers such as Amazon.




Do you offer fulfillment services for Information Security Service Providers?


Yes, fulfillment services, such as drop shipping to your clients' locations, are available. Contact us to learn more. We are more than happy to discuss with you how we can help meet your individual requirements.




Do you offer discounts or specials for your products?


Yes, we do offer corporate discounts and special prices for large orders. Please contact us for details.




Can I add my own brand or logo to your products?


Yes, customization services such as branding, special packaging, software customization, and development are available on most Hypersecu products. See our customization guide for details.




What if I'm looking for something tailored for my business needs?


We can provide products and solutions tailored to your needs. Please contact us for details.





HyperFIDO Security Keys

What is FIDO?


The FIDO Alliance is a non-profit organization dedicated to reducing reliance on passwords and usernames for authentication. Their goal is to develop an open set of standards that can be widely adopted in order to change the nature of secure authentication. To learn more about FIDO, visit fidoalliance.org.




What is the HyperFIDO Security Key?


The HyperFIDO Security Key is a 2-factor authentication device that adds a strong second factor when signing in to online services. Registering and using HyperFIDO requires just a press of a button. It works with all online services that support the FIDO protocol, including Gmail and Dropbox. Learn more about HyperFIDO.




What is the benefit of using of a HyperFIDO Security Key?


The HyperFIDO security key prevents phishing and can also combat real-time attacks that can breach accounts by secretly intercepting communication between a user and the authentication server. It helps reduce reliance on passwords while increasing security. FIDO protocols are widely adopted by a number of online services, making it a versatile solution.




How do I use the HyperFIDO Security Key?


Register your HyperFIDO security key with the account you want to secure, then activate the device by pressing the button during the registration process. When you sign in later, simply insert the security key into a USB port when prompted and press the button. Learn more.




Where can I use my HyperFIDO Security Key?


You can use HyperFIDO with any online service that supports FIDO protocols. Popular services include Facebook, Gmail, Twitter, and many others. Learn more.




How many accounts can I add to my HyperFIDO Security Key?


There is no limitation to the number of accounts with our new generation HyperFIDO security keys. (Previous versions of the HyperFIDO K5, delivered prior to 2017, supports up to 64 individual accounts.)




What if more than one person needs access to the account? Do I have to pass the same device back and forth?


Many services allow you to register multiple security keys under a single account. If more than one person is using the same account, you can each register and use your own HyperFIDO Security Key independently.




How do I set up my Linux system to use my HyperFIDO Security Key?


You’ll need to add a rules file to your Linux system inside the folder /etc/udev/rules.d/. To do so, use one of the following steps: 1.Download the rules file from here and copy the file to /etc/udev/rules.d/ 2. Restart your computer. Note: If you already have the rules file from another U2F device vendor, add the following into the current rules file and restart your computer: # Hypersecu HyperFIDO KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="2ccf", ATTRS{idProduct}=="0880|0850|0852|0853|0854|0856|0858|085a|085b", TAG+="uaccess"





HyperOTP One-time Password Devices

What is OTP or a one-time password?


A one-time password (OTP) is a unique, dynamic password that changes based on either an event (like a button press) or a time value (from the clock on device or server). It's valid for only one login session, which effectively prevents password theft.




I want to use my phone or tablet. Do you have mobile OTP options?


Yes, our mobile OTP for iOS is available from iOS App Store, please go to your Apple App Store and search HSAuthenticator to download.




What are the security advantages of OTP tokens?


OTP tokens provide a unique dynamic password each time you sign in, which significantly decreases the risk of password theft. It also prevents the need to change your password frequently or to maintain long and complex passwords.




How do I use my HyperOTP token?


Simply press the button on the token to display your one-time password value, then enter the value to sign in to your OTP-enabled network services. Check with your service provider to see if your account has been linked with an OTP token.




What is a time drift?


A time drift is when the internal clock inside a time-based OTP token becomes out of sync with the server’s time window. When this happens, the codes generated by the token will no longer match what the server recognizes and authentication will fail. Many authentication servers will provide a feature to re-sync the OTP token so that there’s no need to replace it.




My OTP token has experienced a time drift. How can I re-sync it?


If you need to re-sync an OTP token, many OTP authentication servers will allow you to do so. A common method is to have the user enter two OTP codes in sequence. The server will then verify the token’s ownership, determine the time offset on the token, and store this information in order to calculate future passcodes. However, all authentication servers are different. Please contact your authentication server provider if you are not certain how to re-sync your OTP token.




What is the HyperOTP Edge? How is it diferent from a tradional OTP token?


The HyperOTP Edge is our innovative user-programmable OTP card that allows end users to program the secret key (seed) through NFC technology, unlike our traditional tokens which are pre-programmed during manufacturing. This is done by using a smart phone or tablet and our Edge Programmer app. Like all HyperOTP products, the Edge is designed to integrate with OATH and RADIUS. You can program the card using your own authentication server or you can use a generated code from any service using Google Authenticator servers, like Facebook, Twitter, GitHub, and more.




What is the benefit of using the HyperOTP Edge?


Because end users can program the Edge card themselves, any access using 2-factor authentication can be integrated with the Edge. In addition, the secret key (seed) is never shared with any third party, giving you enhanced security over the authentication process. Finally, the Edge is designed as a slim card than can slip easily in your wallet.




What is a "seed"? How do I add the "seed" to my token?


A seed, secret key, or seed value is a unique symmetric key associated with each OTP token and the server account linked with this token. This is a core element for all types of OTP tokens. For services similar to Google Authenticator, your seed value or "key code" will be generated and given to you by your online service provider.





HyperPKI Tokens

What is PKI?


A public key infrastructure (PKI) is digital certificate-based security solution that provides online security for identification and authentication, as well as safe and secure digital transaction using digital signing and encryption/decryption. Each unique certificate generates a key pair containing a public key and a private key. Your public key can be used to verify a digital signature or shared to encrypt information, while a private key is used for decryption and digital signing. With our HyperPKI tokens, all operations are performed on board within a secure and closed environment to prevent data theft and malicious attacks. Learn more about HyperPKI.




Do I have to download any hardware driver or plugins to use HyperPKI USB token?


HyperPKI USB token does not require any additonal plugins or drivers to use. Each HyperPKI token includes the PKCS#11 middleware, allowing the token to function with any PKCS#11 PKI-enabled application like Microsoft Outlook, Windows Smartcard Logon, Adobe digital signatures software, Firefox, and more. PKCS#11 offers a user-friendly interface to manage certificates and log on to remote systems. You can also use our HyperPKI HYP2003 middleware to manage your HyperPKI token. Download the latest version here.





Can't find what you're looking for?

Our support team is here to help: support@hypersecu.com

LINKS
CONTACT

Phone: +1 (604) 279-2000

Email: info@hypersecu.com

SOCIAL
  • Linkedin
  • Facebook
  • Twitter

© 2020 Hypersecu Information Systems Inc. All Rights Reserved.