It’s been a long time since I’ve posted anything, but I promise this is going to be worth it:
http://www.youtube.com/phonefactor
Thanks to Dan Leafblad for doing all the hard work to pull this together. And Shame on Evan Conway for making me wear a conehead hat. It looks… well… just watch the video…
Ars Technica has a nice review of PhoneFactor up on the front page at the moment. I used to write for Ars, a couple of years ago, but I ran out of time to make a meaningful contribution. They really do have one of the best tech news sites around, though.
I’m trying to keep my PhoneFactor stuff over on the PhoneFactor blog, so there’s more there if you’re curious.
What a month. I knew June was going to be busy, but I had no idea it would simply disappear on me. But, as a result of all the hard work that my team and I have been up to, I can finally announce the public availability of PhoneFactor 1.0, as of July 2, 2007! Woohoo! 
PhoneFactor 1.0 ships with support for Windows 2000, XP, 2003, and Vista, and can secure any RADIUS-based server or appliance, or any IIS-based website, using either forms-based authentication or HTTP-based auth. Users can even be imported in bulk from Active Directory.
And, as I blogged about before, PhoneFactor free! There are no limits on the number of users or the number of authentications, it’s not a trial, etc.
Support agreements are available for purchase through our sales department (a great deal, considering the group of support engineers you get access to). I’m also going to try to field some support questions here on my blog or via e-mail (use the contact form or see the about box).
I’m really looking forward to getting more than five hours of sleep in July, and I’m sure the people who sent me bills in June will appreciate my finally getting around to paying them. But none of that matters - PhoneFactor is out!
OK, one last post on PhoneFactor, and then I’ll try to get back to regularly scheduled programming.
I finally got a dedicated PhoneFactor blog set up; for those interested, it’s at blog.phonefactor.net. I have had to fight with WordPress 2.2 quite a bit to get all of the feeds working, and I’ll probably switch to FeedBurner soon just to screw things up some more. Anyway, there are a couple of posts up now, and that’s where I’m going to confine my PhoneFactor rambling to from now on. Probably.
Someone pointed out that my white paper was missing off of phonefactor.net. I have added it, and I’m not quite sure how it was missed. It’s linked from the How It Works page, for anyone interested.
I continue to keep the del.icio.us PhoneFactor list up-to-date as well. Please send me anything you find if you don’t see it on the list.
Finally, Jason did a podcast at Interop that is finally posted. For those with 10 minutes to spare and nothing better to do, here’s the link to the podcast..
For those that are celebrating, have a happy and safe Memorial Day weekend.
Someone at my office had the bright idea of using Google to translate. Man, I work with some really bright people!
Wow, what an amazing 24 hours! I’ve been doing everything from coding to PR to writing for the website to… well, you get the idea. PhoneFactor has caused quite a splash already at Interop, and we’ve been getting some really good press out of it.
One of my favorite quotes is this one, from an Infoworld article:
It’s neat. Instead of having users carry a smart token, Positive’s new PhoneFactor deal waits for an auth request (and not just using Positive’s VPN service; this works with any VPN platform). When it gets the request, it clicks back to a server managed by Positive that matches the user request with a supplied phone number. The phone number gets called and a keyed response is required to make sure you’re on your phone.
The most interesting coverage we got was actually from a Japanese site — interesting because I have no idea what it says! But, there’s a nice picture of Jason Sloderbeck and Chris Austin. Interop Las Vegas.
I’m tracking PhoneFactor publicity on my del.icio.us account here: http://del.icio.us/dispensa/PhoneFactor.
Anyway, I promise I’ll get this blog back to Windows soon, but at the moment, my head is full of PhoneFactor, so the blog is too!
UPDATE: Thanks to Karthik for pointing out my broken link.
After months of development and a couple of years of research and planning, I’m thrilled to announce that Positive Networks is readying its new two-factor authentication service, PhoneFactor, for launch this summer.
PhoneFactor is a phone-based two-factor authentication system. It works like this:
You’ll notice that there are a few distinct advantages to this system. Most obviously, users don’t have to carry around Yet Another Device. IT departments don’t have to manage Yet Another Device (mailing them out, RMAing them, doing token synch, yada yada yada). And because it’s just a phone call, it works on literally any TouchTone phone in the world - you don’t need a smartphone, a J2ME environment, or anything of the kind.
One of the biggest advantages of PhoneFactor, however, is that it’s free. From the first day it launches, Positive Networks will be making the PHoneFactor service available for free to everyone. More details are available at www.phonefactor.net, but the basic idea is that Positive is going to sign up to providing the standard PhoneFactor service for free, permanently. If you have a VPN product (including, of course, PositivePRO), or a public-facing web application, or a Citrix server, or virtually any other kind of networked application, you can add PhoneFactor two-factor authentication to it for free. Positive will even pick up the tab for the outbound phone calls, as long as they’re to domestic US phone numbers.
The PhoneFactor service is a legitimate free service, in the mode of GMail or Flickr. We plan on keeping it free permanently. It’s not crippleware, adware, shareware, or any other kind of badware. It’s not a trial, and it’s not time-limited. It’s simply a free service.
Now, we also have to pay to keep the lights on, so we’re planning on selling add-on modules to PhoneFactor that we think will deliver even more value than the standard service. We’re also going to provide our world-class administrative and end-user support services and our advanced integration service for a fee. More about the add-ons can be learned at www.phonefactor.net. It’s my honest belief that the standard PhoneFactor service will provide a lot of value to a great many organizations without the add-ons, and will probably be all that most organizations need. But, if you’re a Fortune 500 company considering an enterprise-wide deployment, some of these modules will probably be of great benefit to you.
You can probably tell I’m pretty excited about this. It’s not every day that you get to go out and solve a real problem with cool new software, and to top it all off, I get what every coder wants: the chance for my software to be widely used and appreciated.
The precise launch date isn’t fixed yet, but I expect to hear fireworks when we release it, if ya know what I mean. 
There is a ton of additional information over at www.phonefactor.net, including a particularly fine white paper by yours truly. You can also sign up for the mailing list to be notified when we release.
I’ve been heads-down for the past six months focusing virtually all of my attention on two very special projects.
Tomorrow, Positive Networks will be announcing its newest service to the world: a two-factor authentication service for everyone. Readers of my blog will recognize by now that I’ve never been a fan of usernames and passwords, and I have long believed that the breaking point is near, when single-factor authentication simply won’t be practical any more.
I don’t want to jump the gun here, but I’m really excited about it - there are a couple of aspects of this service that are quite a bit different from what Positive has done in the past. Anyway, check back tomorrow for all of the details!
As for the second project, she’s been helping me code the first project for the last few weeks. If she keeps this up, I’ll have to add her to the credits. 