Safe mode: Two-factor authentication's danger zone

While strong authentication seems failsafe, nearly all of these systems may be bypassed entirely or critically hindered by using a computer's "safe mode."

If an attacker can gain access to the desktop and run a disk editor of any type, he can search for user names and passwords that are commonly left by the authentication software in the paging or temp files of Microsoft Windows. Once he has the user name and password, he can log in as the user with whatever multifactor authentication system is deployed. Unfortunately, users often store their tokens or other authentication devices with their computer, making it easy for an intruder to gain access.

Additionally, the vendor-supplied software of a strong authentication solution must work seamlessly with your network client software. This is easy using Microsoft, but it has the greatest page file leaks. Novell, Sun Microsystems and others are not supported as well by security vendors, but tend to be more secure because they use different network authentication mechanisms.

The time is now

Without a doubt, strong authentication can be expensive, depending on the chosen technology. But losing 20% or more of your share value due to a loss of consumer confidence when an executive's laptop is stolen and thousands of private data records are exposed is even more costly.

Authent

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Identity Management and Access Control Identity management technologies and products to offer customers Despite downturn, channel committed to identity and access management Access control compliance and corporate governance considerations Access control management The importance of access control Partner Program Directory: Authentication vendors Identity management: Compliance and trends Tech Watch: Biometric devices Identity management best practices and precautions Introduction to identity management solutions

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

ication technology has improved greatly over the past two years and will continue to do so. The associated software continues to be a source of failure, though it is also improving. The total cost of ownership due to administrative costs is still too high, but is dropping.

The regulations are in place, and it is time to provide our businesses and clients with a stronger sense of security via better authentication.