Grand Idea Studio

Authentication Tokens: Balancing the Security Risks with Business Requirements

 

Stolen passwords represent a significant threat to today’s enterprise. It has become apparent that a simple username and static password combination to login to a system is not adequate to protect most business information. As the corporate network is increasingly used to store disparate levels of company confidential information, there is a need for user access control. Authentication tokens are hardware or software devices that generate dynamic one-time passwords through the use of a mathematical function. This report examines the business needs, deployment strategies, and security risk scenarios of hardware vs. software-based token technologies. No single technology will provide the ultimate solution for every situation, and there are advantages and disadvantages to the use of each type.

Paper: Authentication Tokens: Balancing the Security Risks with Business Requirements

Originally released on the @stake website.

Press

MacroFab Engineering Podcast

What You Are Designed To Do – A ...

The Altium OnTrack Podcast

Joe Grand on Hacking, Badgelife and ...

Supplyframe

DEF CON 27: Joe 'Kingpin' Grand