Two-factor ID allows low-risk single sign-on – RSA

IntelliAccess relieves lost password headache for helpdesks

RSA Security is holding out consistent treatment of user authentication across applications, and automated procedures for the troublesome problem of lost passwords, as two attractions of its new Sign-On Manager.

The new authentication platform for the first time combines single sign-on with RSA’s two-factor identification — the user must both know a password and provide some other identification such as a token that they hold.

Two-factor authentication mitigates the widely perceived risk that single sign-on offers “the keys to the kingdom,” says RSA’s Australia/NZ business development manager Mark Pullen; that once one authentication barrier is passed, the user can do anything on a wide range of applications.

Applications typically vary in the policies they adopt for authentication, Pullen says. Sign-On Manager maintains a single authentication policy on a central server, with interfaces to the most widely used applications. Currently the company has “hooks” for 90 applications, running on mainframe, Windows and Unix/Linux platforms, he says.

RSA’s IntelliAccess technology mitigates the lost password or lost token headache, which consumes a lot of the time of a typical helpdesk. A user who has forgotten a password or mislaid a token is fed a random selection of questions, typically three out of a pre-prepared database of 20 questions and answers, “but the number is set as part of the policy”. The right answers get the user emergency access until the longer-term problem can be fixed — perhaps just by finding a mislaid token.

Join the newsletter!

Error: Please check your email address.

Tags authentication

More about LinuxRSA

Show Comments
[]