Two-factor authentication's time has arrived

Companies seem to be clamoring for stronger forms of authentication in the consumer market after years of password-only problems.

Once upon a time, companies couldn't give away two-factor authentication services. Now, some are positioning themselves to make big money from it, signaling the possible demise of passwords as we know them.

Some recent examples:

  • America Online's Passcode service, in which users get a small handheld six-digit numeric code key. To log onto an AOL account equipped with the service, they'll have to type in the six-digits, which refresh on the device every 60 seconds, on top of using the regular password.


  • RSA making its SecurID product available for Microsoft Windows users, saying it'll help "ensure that valuable network resources are accessible only by authorized users" while "simultaneously delivering a simplified and consistent user login experience."


  • VeriSign's Unified Authentication managed service, in which enterprises deploy Universal Serial Bus (USB) tokens to all their users and VeriSign manages the infrastructure.


  • IBM's new ThinkPad, which includes a fingerprint reader that signs users into all their passwords.

    Why do companies seem to be clamoring for something they couldn't be bothered with a couple years ago? One reason: the problematic passwords people need to navigate their networks, said Jonathan Penn, an analyst for Cambridge, Mass.-based Forrester Research.

    "Windows 2000 finally gave administrators the ability to enforce strict passwords with a certain number of letters," Penn said. "That created a backlash where people would have trouble remembering their passwords, so they'd write it on a piece of paper and stick it in their desks. Then someone could come along and find it." Two-factor authentication does away with these passwords, he said.

    Compliance is another reason, he added. "On the enterprise side, interest in two-factor authentication is all about compliance, data protection and integrity of operations," he said. "Enterprises are looking for a greater sense of accountability. There's greater pressure to ensure people are who they say they are."

Dig deeper on Two-Factor and Multifactor Authentication Strategies

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close