Summary:In this special review, we round up the various authentication devices on the market. From fingerprint scanners, to single sign-on software and biometric technology -- we have the authentication market covered.
One-time passwords and token devices
One-time passwords are a good and relatively low-cost alternative. Like the name suggests, the passwords are used once only and if the same password is used again at a later stage in a login attempt then the subject is rejected.
The tokens are small devices that are synchronised with the authentication server system to issue the user with a password when a button is pressed on the device.
One-time passwords are an excellent choice if one is concerned about keyloggers or spyware infections that may be collecting data from compromised machines. Another benefit to one-time passwords is they can stop identity fraud occurring within the organisation.
Vasco Data Security shipped us a copy of its Radius server middleware and one of its token devices.
Vasco has managed to include two-factor authentication with the tokens by having the user input a static PIN first, such as 1234 (something they will know) and then the one-time password supplied by the token (something that they have). Using this, the login would look like 1234 (code on the token).
There are also options to interface with Web-based logons, Citrix, Lotus/Domino, Windows, and Novell.
RSA, Verisign, and Giesecke & Devrient also supply one-time password generating token devices.