News Stay informed about the latest enterprise technology news and product updates.

Two-factor authentication's time has arrived

Companies seem to be clamoring for stronger forms of authentication in the consumer market after years of password-only problems.

Once upon a time, companies couldn't give away two-factor authentication services. Now, some are positioning themselves...

to make big money from it, signaling the possible demise of passwords as we know them.

Some recent examples:

  • America Online's Passcode service, in which users get a small handheld six-digit numeric code key. To log onto an AOL account equipped with the service, they'll have to type in the six-digits, which refresh on the device every 60 seconds, on top of using the regular password.

  • RSA making its SecurID product available for Microsoft Windows users, saying it'll help "ensure that valuable network resources are accessible only by authorized users" while "simultaneously delivering a simplified and consistent user login experience."

  • VeriSign's Unified Authentication managed service, in which enterprises deploy Universal Serial Bus (USB) tokens to all their users and VeriSign manages the infrastructure.

  • IBM's new ThinkPad, which includes a fingerprint reader that signs users into all their passwords.

    Why do companies seem to be clamoring for something they couldn't be bothered with a couple years ago? One reason: the problematic passwords people need to navigate their networks, said Jonathan Penn, an analyst for Cambridge, Mass.-based Forrester Research.

    "Windows 2000 finally gave administrators the ability to enforce strict passwords with a certain number of letters," Penn said. "That created a backlash where people would have trouble remembering their passwords, so they'd write it on a piece of paper and stick it in their desks. Then someone could come along and find it." Two-factor authentication does away with these passwords, he said.

    Compliance is another reason, he added. "On the enterprise side, interest in two-factor authentication is all about compliance, data protection and integrity of operations," he said. "Enterprises are looking for a greater sense of accountability. There's greater pressure to ensure people are who they say they are."

Dig Deeper on Two-factor and multifactor authentication strategies

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.