How is LaunchKey more secure than password-based systems?
No one is able to authenticate as you by figuring out something you know. LaunchKey is tied to your device
so it is something that you must have. Any requests for authentication that are made by someone who isn't you
will still appear as notifications on your device notifying you immediately. With passwords you have to trust
the system that is keeping it to properly encrypt it and keep it away from unauthorized access. With LaunchKey
you just have to know where your device is.
Is this two-factor authentication?
Absolutely. Two-factor authentication, also known as multi-factor authentication, requires the authenticating
user present at least two of the three recognized authentication factors: a knowledge factor (something the
user knows), a possession factor (something the user has), and an inherence factor (something the user is).
LaunchKey uses physical authentication over unique linked smartphones or devices to satisfy the possession
factor, PIN Code or Circle Code combined with a unique LaunchKey username satisfies the knowledge
factor, and geographic data along with geofencing satisfies the inherence factor.
What happens if I lose my device?
If that was your only links device, you may remotely unlink via the Unlink Form. If you have another linked
device, either sign in and view the Settings section inside the online dashboard or view the Devices section
inside the LaunchKey Mobile Authenticator, and then click or tap the unlink button next to the appropriate
device name. Follow the instructions to complete the unlink process.
After you recover your device or obtain a new one, you may relink your LaunchKey account.
What type of encryption does LaunchKey use?
LaunchKey uses public-key cryptography with signing and 256-bit AES encryption. The RSA keys are
4096-bit on the devices with v2 LaunchKey Mobile Authenticators.
Does LaunchKey use SSL?
LaunchKey forces the use of secure HTTPS connections on all services. We use HTTP Strict Transport Security
(HSTS) to ensure browsers only interact with us over HTTPS, and we're on the HSTS preload list for Chrome.
Additionally, we employ an ECDHE-RSA-RC4-SHA cipher with perfect forward secrecy (PFS) on all modern browsers
and a Qualsys SSL "A" server rating.
LaunchKey links to user contributed code as a resource to its community. LaunchKey does not in any way
guarantee or warrant the quality and security of these code bases. User contributed code is supported by the
creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any
way, please report that link to LaunchKey immediately and we will investigate the claim. Submit any issue to
LaunchKey support at https://launchkey.com./support.