New RSA Sign-on Manager goes for two-factor ID


New RSA Sign-on Manager goes for two-factor ID

Consistent treatment of user authentication across applications and automated procedures for lost passwords are two of the big attractions of RSA Security's new Sign-On Manager.

For the first time, the new authentication platform combines single sign-on with RSA’s two-factor identification - the user must know a password and provide some other identification such as a token that they hold.

Two-factor authentication mitigates the widely perceived risk that single sign-on offers “the keys to the kingdom”, according to RSA business development manager Mark Pullen.

Pullen said that IT applications typically varied in the policies they adopted for authentication. Sign-On Manager maintains a single authentication policy on a central server, with interfaces to the most widely used applications. Pullen said RSA currently had “hooks” for 90 applications, running on mainframe, Windows and Unix/Linux.

RSA’s IntelliAccess technology mitigates the lost password or lost token headache, which consumes much of the typical helpdesk's time.

A user who has forgotten a password or mislaid a token is asked a random selection of questions, typically three out of a predefined database of 20 questions and answers, although the number is set as part of the security policy. The right answers get the user emergency access until the longer-term problem can be fixed - perhaps just by finding a mislaid token.

Stephen Bell writes for Computerworld

Related Topics: IT strategy, VIEW ALL TOPICS

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy