Stolen passwords represent a significant threat to today's enterprise. It has become apparent that a simple username and static password combination to login to a system is not adequate to protect most business information. As the corporate network is increasingly used to store disparate levels of company confidential information, there is a need for user access control. Authentication tokens are hardware or software devices that generate dynamic one-time passwords through the use of a mathematical function. This report examines the business needs, deployment strategies, and security risk scenarios of hardware vs. software-based token technologies. No single technology will provide the ultimate solution for every situation, and there are advantages and disadvantages to the use of each type.

Paper: Authentication Tokens: Balancing the Security Risks with Business Requirements

Originally released on the @stake website.