New RSA Sign-on Manager goes for two-factor ID

Consistent treatment of user authentication across applications and automated procedures for lost passwords are two of the big...

Consistent treatment of user authentication across applications and automated procedures for lost passwords are two of the big attractions of RSA Security's new Sign-On Manager.

For the first time, the new authentication platform combines single sign-on with RSA’s two-factor identification - the user must know a password and provide some other identification such as a token that they hold.

Two-factor authentication mitigates the widely perceived risk that single sign-on offers “the keys to the kingdom”, according to RSA business development manager Mark Pullen.

Pullen said that IT applications typically varied in the policies they adopted for authentication. Sign-On Manager maintains a single authentication policy on a central server, with interfaces to the most widely used applications. Pullen said RSA currently had “hooks” for 90 applications, running on mainframe, Windows and Unix/Linux.

RSA’s IntelliAccess technology mitigates the lost password or lost token headache, which consumes much of the typical helpdesk's time.

A user who has forgotten a password or mislaid a token is asked a random selection of questions, typically three out of a predefined database of 20 questions and answers, although the number is set as part of the security policy. The right answers get the user emergency access until the longer-term problem can be fixed - perhaps just by finding a mislaid token.

Stephen Bell writes for Computerworld



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT strategy

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.




  • Passive Python Network Mapping

    In this excerpt from chapter two of Passive Python Network Mapping, author Chet Hosmer discusses securing your devices against ...

  • Protecting Patient Information

    In this excerpt from chapter two of Protecting Patient Information, author Paul Cerrato discusses the consequences of data ...

  • Mobile Security and Privacy

    In this excerpt from chapter 11 of Mobile Security and Privacy, authors Raymond Choo and Man Ho Au discuss privacy and anonymity ...