The challenges of security authentication controls are discussed in informative article.  A new approach ties in smartphone ownership with a tap to “okay” access rather than to key a 2nd one-time password to make approach easier for end user,2817,2484693,00.asp

One problem with passwords for security is that the bad guys can guess simple passwords, yet the good guys can’t remember strong passwords. You can solve that one by installing and using a password manager. The other problem is worse, in a way. Anybody who knows your password, no matter who or where they are, can use it to unlock your account. Two-factor authentication is the vaunted solution to the second problem…but there’s a new problem.

Two Factor is Too Hard — The important thing about two-factor authentication is that it buttresses the password (something you know) with biometric technology (something you are) or some kind of device-based solution (something you have). So far, though, many two-factor solutions are just enough trouble users reject them.

Biometric implementations typically take the form of fingerprint authentication. First, that means they’re only good for devices that include a fingerprint reader. Second, you typically need to enroll multiple fingers on each device where you’ll be authenticating. Don’t get me wrong, biometrics can be great. Touch ID is one of the best things about my iPhone 6, but it doesn’t help me on other devices.

Google Authenticator, Twilio Authy, and various SMS-based solutions make your smartphone part of the login experience. After entering your password, you receive a notification containing a one-time code to complete the authentication process. Right. So, enter the password, dredge your phone out of pocket or purse, peer at it while entering the code (hurry; those codes are only good for a short while). That’s not a smooth experience.

A New Simplicity – Couldn’t it be easier than that? Couldn’t your possession of the smartphone be considered enough? The folks behind the Keeper Password Manager think so. Just released, the new Keeper DNA authentication system requires just a tap. You’ll still have to whip out your smartphone, but you no longer need to poke at the keys to enter a code. And those using the Apple Watch can authenticate with a twist of the wrist and a tap.