User authentication options: Using two factor authentication for security


This article can also be found in the Premium Editorial Download "Information Security magazine: Special manager's guide: Monitoring identities."

Download it now to read this article plus other related content.

Cost estimates for strong authentication products

    Requires Free Membership to View

Smart cards/PINs/biometrics
$18-$35 per user per year

Hardware and software tokens that display one-time passwords
$3-$25 per user per year

Knowledge based/life questions
$1-$2 per user per year

Source: RSA Security estimates based on size of deployment and any associated software and hardware

How do security certificates work?

Certificates are typically used in conjunction with USB tokens or smart cards but can be implemented separately. A certificate is assigned to a user, a token or a particular machine and is read during the authentication process. Certificates are much more secure than they were a few years ago due to better encryption and more robust certificate stores.

Pros and cons: Certificates tend to be a stronger style of authentication, but come at a much higher cost. The infrastructure typically required in an enterprise (servers, hierarchical certificate server domain deployment and personnel) is pricey to set up and maintain. Third-party vendor-managed services help, but this authentication is still more expensive than most others reviewed here.

What to do: Organizations with extremely high security requirements, such as government agencies handling classified information, will want to consider certificates. Today, there are discrete pockets of certificate implementations, but with the increasing deployment of USB tokens and TPM chips, this sector is expected to grow over the next decade to become nearly ubiquitous.

This was first published in August 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: