I have also seen implementations of this technology where the only authentication is with the key. This is not an optimal approach; if someone has the key, an attacker can log in to your bank without a user ID or a password. The better implementations utilize the key along with an ID and password.
Dig deeper on SSL and TLS VPN Security
Related Q&A from John Strand, featured expert
Expert John Strand reveals two exciting trends in antivirus software.continue reading
Expert John Strand explains how to shore up security as you plan a large-scale advertising campaign.continue reading
Expert John Strand reviews how to spot input validation flaws on your websites.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.