Re: Requiring Dual Factor Authentication / Multiple Authentication



I would really like to implement SecurID, but its cost prohibitive.
This nice thing about SecurID is that it provides even another layer
of security. In my experience with it, I had to provide a pin, along
with the current code on the fob to pass SecurID authentication, in
addition to my host/network password this was true two factor
authentication.

My major problem with just using rsa/dsa keys or certs is that I have
to use the honor system and hope my user base is protecting their key
or cert with a strong password/passphrase. So I have to assume they
are not. Then there is the problem of securing the rsa/dsa key or
cert, I can not assume my users have any type of security set up on
their remote machines as I can not, nor want to, maintain their remote
networks.

Which brings me back to password authentication. If I were able to
require both a rsa/dsa key or cert in addition to providing a host
password (which I could enforce complexity and expiration times on) I
think it would give me reasonable two factor authentication without
the hefty costs associated with SecurID or similar systems

Thanks to all of you that have taken the time to read and to respond
to this thread, I appreciate your feedback.

Cheers,
Ryan



Relevant Pages

  • Re: RSA secureID
    ... demand two-factor authentication: the user's memorized PIN, ... the ISA support docs for installing ACE/SecurID, ... RSA, over the past 15 years, ... them certified as "SecurID Ready" out of the box. ...
    (microsoft.public.platformsdk.security)
  • Re: Configuring RSA Securid on ISA 2004 server
    ... > authenticate to website using the RSA Securid. ... Microsoft's ISA Server 2004 supports the native SecurID ... also install RSA's ACE/Agent for Windows. ... This is a major advance in the integration of RSA's authentication ...
    (microsoft.public.isa.configuration)
  • Re: securID weakness
    ... > by tying users to logins authenticated by securID can now be ripped ... electronic physical authentication device), ... oppressive surveillance, modern management systems rely upon authentication, ... The token-holder must be must be ...
    (comp.security.misc)
  • Re: about SecuriID on mobile devices
    ... tokens were tamper-resistant). ... Did I miss something or does it make the authentication a one factor ... Security pros have been debating the relative security of physical ... device has, physical or virtual, for the SecurID secret it holds, the ...
    (sci.crypt)
  • Re: Requesting additional authentication from remote user
    ... You might look into RSA ... > SecurID, as that is an interesting alternative. ... > SecureID and Microsoft Internet Authentication Service." ... The latest version of RSA SecurID for Windows, ...
    (microsoft.public.win2000.ras_routing)