Users must invest in extra security locks


Users must invest in extra security locks

Companies are deluding themselves if they spend a fortune on technology and then rely on simple password protection to keep the hackers out, according to Cambridge online security start-up Signify.

"Relying on passwords to know who you are dealing with is like building on a foundation of sand," said Signify's chief executive John Stewart. "It's about time companies stopped spending large amounts on high-profile technologies and went back to basics."

Graham Titterington, a senior consultant at Ovum, agreed that user-selected passwords are unsatisfactory, "Just by compiling a dictionary of forenames and place names, 40% of all passwords would be covered without having to resort to hacking programs."

Signify is offering an internet-based authentication server based on RSA's SecurID number-generating key fobs.

A built-in timer generates a new Pin number every minute and, after a personal password is entered, the user is then asked for the current number displayed on their fob and this is checked by a synchronised authorisation server.

By directing their security checks to an internet-based authentication server, Signify's customers can save on set-up, management and support of SecurID, Stewart said. It also means that, by setting up all internal and external services on the server, the user needs only one fob not a separate fob for each.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

This was first published in October 2000


COMMENTS powered by Disqus  //  Commenting policy