Microsoft has shelved plans to include native support for RSA's SecurID tokens in Windows Vista, even though the company has been trialling the technology for almost two years.
In February 2004, Microsoft chairman Bill Gates announced that Windows would be able to support easy integration with RSA Security's ubiquitous SecurID tokens, which meant that enterprises would find it far easier to deploy a two-factor authentication system for logging on to networks and applications.
However, almost two years after the SecurID beta programme kicked off, the chief executive of RSA Security Art Coviello has revealed that Windows Vista will not natively support the technology.
"Microsoft had said they would include the ability to support all kinds of One Time Password (OTP) and challenge response type authentication in Vista but they were unable to get it in with all the other issues they have had -- so it is going to take longer," Coviello told ZDNet Australia during an interview on Tuesday morning in Sydney.
According to Coviello, sales of SecurID for Windows have "gone slowly" because, although Microsoft agreed to let RSA see some of its source code, the company decided not to support the tokens natively in Windows. This meant that deploying a token-based system still required "some work".
"It has gone slowly and it has gone slowly for a number of reasons," said Coviello. "Microsoft has given us source code so we can replace the Microsoft logon screen. However it is not yet native to the operating system. So it still requires some work at the desktop, which slows down the adoption rate".
Coviello expects Microsoft to add native support for SecurID in future updates to Vista, after which he hopes demand for two-factor authentication will increase significantly.
"Admittedly, when Vista eventually includes support for onetime passcodes -- as is expected in some future point release -- people will be more aware generally.
"Right now we have a competitive advantage and quite frankly the adoption rate of our product, SecurID for Windows, is more about inertia in the market then about the technology," he said.
It is unclear if Microsoft's decision to not include support for SecurID for Windows is related to the fact that Vista will include a password management system called InfoCards, which was announced by Microsoft's Gates at the RSA Security Conference in California earlier this year.
Microsoft was not immediately available for comment.