Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

The evolution of MFA security tokens


Smartphone token authentication

Source:  Thinkstock

Even older than the Web itself, multifactor authentication (MFA) takes something that only you possess (e.g., a fingerprint, voice print, key fob or piece of software on a smartphone, as illustrated) and combines it with the usual username/password login dialog to prove that you really are legitimately you. The goal of MFA is to strengthen login credentials to keep the bad guys from freely roaming around your network or stealing confidential information; security token authentication can help achieve that goal.

So, for example, in addition to entering a password to access company resources, a user may be required to press a button on a key fob with an LCD screen. The key fob would then generate a unique sequence of numbers for 30 seconds. When he or she enters those numbers as a second factor after his or her password -- the multifactor in "multifactor authentication" -- the sequence is checked against a server on the organization's network to verify authenticity.

If the entered sequence matches, the user is allowed access. If not, he or she must generate a whole new passcode by pressing the button on the key fob again.

Organizations that are in the process of deciding whether or not to deploy MFA technology should become familiar with the criteria for evaluating and buying multifactor authentication products. This will help them determine which deployment method and second factors will work best for their needs. Then it would behoove these enterprises to bone up on the leading MFA vendors in the market today to see how their top-tier multifactor products compare to one another.

View All Photo Stories