Linux targeted with two-factor authentication

A Canada-based security company is looking to target the Linux community with a security product offering two-factor authentication.

Two-factor authentication systems requests something in a user’s possession (a smart card, for example) and something they know (such as their PIN), before the user is allowed to access a system.

CryptoCard has launched a backend authentication software package for Red Hat and SuSE Linux servers that enable people to log in using one-time passwords — generated by a smartcard they control — over the Internet, regardless of the desktop operating system.

"We've been focused on secure password technology for the Linux community," said Malcolm MacTaggart, president of CryptoCard. "RSA and Microsoft is a match made in heaven, but not everyone wants that. We're going to champion the cause on the other side, which is why we're targeting Linux."

The company, which sells smart cards and password-generating tokens to the likes of NASA, said that two-factor authentication reduces help desk costs associated with resetting forgotten passwords.

Crypto-Server 6.3 for Red Hat Enterprise Linux 3 Server and SUSE Linux Enterprise Server 9 server costs $499 (£261) and includes server software and five tokens.

Last year Howard Schmidt, the former cyber security advisor for the White House, urged companies to use two-factor authentication. Security expert Bruce Schneier, though, doesn't believe it is the solution to identity fraud.