Educause Security Discussion mailing list archives
Re: Two factor Authentication
From: Gary Dobbins <dobbins () ND EDU>
Date: Thu, 24 Sep 2009 16:22:21 -0400
We've used SafeWord, from (formerly) Secure Computing (now from Aladdin) for several years. It's a lot like the others (e.g. RSA) but is different in that its tokens are not time-sync'd (they seem instead to be sequence-sync'd), and so each press of the button yields a one-time password that is immediately invalid once used. Hence, quick-turn reuse attacks are unsuccessful. With time-sync'd tokens, the same password may work for a given interval, such as a minute. Perhaps my info is dated and this risk has been mitigated in those products. You may want to look at nuances like that as you make your selection. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James C Farr '05 Sent: Thursday, September 24, 2009 3:29 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Two factor Authentication We are looking at two-factor authentications options for people to use when traveling. Does anyone have good or bad experiences they can share? If so what Solution did you choose? Why did you chose the that solution? Thank you for your input. James Farr Information Security Officer Instructional Technologist Utica College jfarr () utica edu<mailto:jfarr () utica edu> 315-223-2386
Current thread:
- Two factor Authentication James C Farr '05 (Sep 24)
- <Possible follow-ups>
- Re: Two factor Authentication Gary Dobbins (Sep 24)
- Re: Two factor Authentication Neil Matatall (Sep 25)
- Re: Two factor Authentication Stanclift, Michael (Sep 25)