New RSA Sign-on Manager goes for two-factor ID

News

New RSA Sign-on Manager goes for two-factor ID

Consistent treatment of user authentication across applications and automated procedures for lost passwords are two of the big attractions of RSA Security's new Sign-On Manager.

For the first time, the new authentication platform combines single sign-on with RSA’s two-factor identification - the user must know a password and provide some other identification such as a token that they hold.

Two-factor authentication mitigates the widely perceived risk that single sign-on offers “the keys to the kingdom”, according to RSA business development manager Mark Pullen.

Pullen said that IT applications typically varied in the policies they adopted for authentication. Sign-On Manager maintains a single authentication policy on a central server, with interfaces to the most widely used applications. Pullen said RSA currently had “hooks” for 90 applications, running on mainframe, Windows and Unix/Linux.

RSA’s IntelliAccess technology mitigates the lost password or lost token headache, which consumes much of the typical helpdesk's time.

A user who has forgotten a password or mislaid a token is asked a random selection of questions, typically three out of a predefined database of 20 questions and answers, although the number is set as part of the security policy. The right answers get the user emergency access until the longer-term problem can be fixed - perhaps just by finding a mislaid token.

Stephen Bell writes for Computerworld

Related Topics: IT strategy, VIEW ALL TOPICS

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy