Feature

Users must invest in extra security locks



Companies are deluding themselves if they spend a fortune on technology and then rely on simple password protection to keep the hackers out, according to Cambridge online security start-up Signify.

"Relying on passwords to know who you are dealing with is like building on a foundation of sand," said Signify's chief executive John Stewart. "It's about time companies stopped spending large amounts on high-profile technologies and went back to basics."

Graham Titterington, a senior consultant at Ovum, agreed that user-selected passwords are unsatisfactory, "Just by compiling a dictionary of forenames and place names, 40% of all passwords would be covered without having to resort to hacking programs."

Signify is offering an internet-based authentication server based on RSA's SecurID number-generating key fobs.

A built-in timer generates a new Pin number every minute and, after a personal password is entered, the user is then asked for the current number displayed on their fob and this is checked by a synchronised authorisation server.

By directing their security checks to an internet-based authentication server, Signify's customers can save on set-up, management and support of SecurID, Stewart said. It also means that, by setting up all internal and external services on the server, the user needs only one fob not a separate fob for each.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in October 2000

 

COMMENTS powered by Disqus  //  Commenting policy