07:51 PM
Connect Directly

Move Over, Passwords, And Make Room For Tokens

Two security vendors this week announced new tokens, which are small pieces of hardware that users often carry on keychains to gain access to computers, often through a USB port.

The standard process of using semi-permanent passwords to access applications is passé. That's the message at the RSA Conference in San Francisco.

Two security vendors this week announced new tokens, which are small pieces of hardware that users often carry on keychains to gain access to computers, often through a USB port. Tokens can issue one-time passwords that become invalid after a user accesses an application, or can contain user-authentication data as an enhancement or even replacement to passwords and user names.

RSA Security Inc. announced a new USB-enabled token, the SecurID SID800, which can store electronic credentials such as one-time passwords, digital certificates, and standard passwords. RSA also unveiled the SecureID SID700, which is 35% smaller than its well-known SecurID authenticator. RSA says it shipped its 20-millionth SecurID authenticator last quarter.

SecurID SID800 can be used for "strong authentication" (two or more ways of identifying a user) for RSA's Sign-On Manager identity-management application. A 64,000-smart chip sports enough room for up to seven digital certificates and three sets of username/password credentials. Pricing varies by quantities purchased, but the SecurID SID700 averages around $42 per device and the SecurID SID800 is priced around $50.

Strong-authentication competitor VeriSign Inc. announced that it will soon make available two new tokens. The company says it will offer a one-time password token with a total cost of operation per user of less than $10 a year. VeriSign also is releasing a dual-purpose USB authenticator with either 128-Mytes or 265-Mbytes of secure storage. The USB authenticators can be used to store one-time passwords, PKI credentials, and provide functionality similar to that of smartcards.

A survey released by RSA Security showed consumers are losing faith in traditional security measures. When asked if usernames and passwords provide enough protection for their personal information, 53% said no, compared with only 35% last year.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek - September 2, 2014
Avoiding audits and vendor fines isn't enough. Take control of licensing to exact deeper software discounts and match purchasing to actual employee needs.
Flash Poll
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.