The Network Security. Org

Why and how to implement SecurID Authentication

Authenticating users who log onto your network by account name and password only is the simplest and cheapest (and thus still the most popular) means of authentication. However, companies are recognizing the weaknesses of this method. Passwords can be guessed or cracked using dictionary attacks or more sophisticated methods such as rainbow tables, or users can be coerced, charmed or tricked into revealing their passwords to others. These latter techniques, called social engineering, have become a growing problem for companies of all sizes.

One way to thwart social engineers and reduce other risks associated with passwords is to implement some form of two-factor authentication. If users are required to not only type in a password or PIN but also provide something additional ? whether a card, token, fingerprint, iris scan or other factor ? simply obtaining a password won?t be enough to get the cracker or social engineer into the network.

There are two basic categories of ?second factors? that you can implement: devices users carry with them, or biometric characteristics. In this article, we?ll look at how to implement a particular form of the first category, SecurID cards and tokens from RSA. Why and how to implement SecurID Authentication

More News

• Apple releases another mega-patch for Mac OS X
  



• Security flaw in smart cards poses risk for transit, building access
  



• Free TrojanProof Password Tool Released for Windows
  



• Security scans with OpenVAS
  



• Do ISPs pose a bigger online privacy threat than Google
  



• HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
  



• Anatomy of a botnet
  



• Microsoft patches 8 critical bugs in Windows, Office
  



• Virtualization users should expect more attacks
  



• Threat From DNS Bug Is not Over, Experts Say
  



• Website infection rate triples
  



• How to Use Honeypots to Improve Your Network Security
  



• Microsoft Patch Tuesday Targets 26 Application Flaws
  



• SSL VPNs might not be as secure as you think
  



• 8 tips to filter spam effectively
  



• Onus on IP address owner to prove innocence
  



• How to install an SSH Server in Windows Server 2008.
  



• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware