The inherent weaknesses in token-based authentication - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 20th, 2013

Linux Advisory Watch: May 17th, 2013

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

The inherent weaknesses in token-based authentication

User Rating:

How can I rate this item?

Source: SecurityPark - Posted by Alex

Alternative tokenless 2FA technologies may offer much greater levels of security, especially in light of the recent news that hackers have stolen data related to RSA secure tokens Chris Russell from Swivel Secure, commented: “The recent RSA security breach has sent a shock wave through the corporate security world, which I believe will be seen by future industry commentators as the tipping point for the authentication sector. For the best part of the last decade or more the RSA SecurID token has been held up as the industry standard for 2FA and has benefited from the ‘no-one ever got fired for selecting IBM’ adage for far too long in my opinion.

“It is widely acknowledged that SecurID is not the best solution ‘technically’ for confirming the identity of individuals online, but nevertheless they have continued to grow their market share year on year because, despite the cost and the practical management issues, the perception is that it is reliable and fundamentally secure.

Read this full article at SecurityPark