LockMagic integrates with two-factor authentication systems to require strong user authentication when accessing encrypted content. This ensures that high-value information remains protected beyond a simple username and password. Furthermore, LockMagic supports smart-cards and HMAC-based tokens for mobile encryption to ensure endpoint systems remain free from any user keys. The loss or theft of a laptop when LockMagic encrypted content remains secure because the laptop hard disk doesn’t contain any keys or secrets that a hacker can then use to gain access to the encrypted content.
A single LockMagic hardware token can be configured for dual purpose to provide a One-Time Password for user authentication to the LockMagic Key Server and the same token along with a user-defined PIN and HMAC-SHA1 to derive a per-user master encryption key.
Enterprises can bind tokens to external partners and contractors private identities and grant them access to the enterprise LockMagic key server without provision identities in the enterprise identity system. External users can author, share and access encrypted content with enterprise users in a normal fashion. For example, a contractor may use his Gmail identity along with LockMagic hardware token to gain access to LockMagic encrypted content. This is achieved without any password or certificate management among users.