The SeKA authentication system stores its data in a safe, central directory service. The data cannot be accessed directly, only through certain applications. These applications require user authentication, so we can make sure a particular user can access only the data that he/she is authorized to see or data that is public. The data stored in the directory service comes from official sources (like e.g. the Neptun system) or from the users themselves.
The passwords are stored in a coded form, so no one can read them, not even the system administrator. The passwords are never transmitted to other computers either by the directory service or the SeKA system in any circumstances.
The communication between the user, the computer services and the SeKA system takes place by the means of coded, digitally signed messages. This results in a high level security for both the data communcation and the authentication service itself.
The system is maintained in cooperation with the National Information Infrastructure Development Institute, as a member of the EduID federation for the Hungarian research and education institutes. The data stored in our central directory service are never disclosed to third party systems except whithin the framework of the EduID federation: if one of our users wants to log in to a foreign computer service which is provided by an institution that is a member of the EduID federation, the data that is absolutely necessary for the login process is passed on the the foreign computer service. However, this never includes the password or any information that is considered private.