• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Software Token vs Physical Token

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Physical Security and Social Engineering

View previous topic :: View next topic  
Author Message
WBLKurt
Just Arrived
Just Arrived


Joined: 01 Oct 2008
Posts: 0


Offline

PostPosted: Wed Oct 01, 2008 9:26 pm    Post subject: Software Token vs Physical Token Reply with quote

We are currently using the RSA Securid physical tokens (Key Fob) and are considering switching to the Software token for Windows Desktops. I would like to know if anyone is using the software version and also what benefits would there be other than procurement and delivery.

Thanks!
Back to top
View user's profile Send private message
owen.nick@gmail.com
Just Arrived
Just Arrived


Joined: 06 Feb 2009
Posts: 0


Offline

PostPosted: Fri Feb 06, 2009 6:44 pm    Post subject: Re: Software Token vs Physical Token Reply with quote

WBLKurt wrote:
We are currently using the RSA Securid physical tokens (Key Fob) and are considering switching to the Software token for Windows Desktops. I would like to know if anyone is using the software version and also what benefits would there be other than procurement and delivery.

Thanks!


Last year, I had a "blog debate" about software tokens:
http://securology.blogspot.com/2007/11/soft-tokens-arent-tokens-at-all.html
and my response:
http://www.wikidsystems.com/WiKIDBlog/On%20the%20security%20of%20software%20tokens%20for%20two-factor%20authentication/

My feeling on it is that if you are limiting access to corporately managed laptops and/or can validate updated anti-malware/anti-keystroke software before granting access to the the VPN, PC software tokens are an excellent way to reduce your costs (which is what it is all about these day!).

If you use an SSL/browser-based VPN or Citrix Web Interface etc, and the tokens support mutual https authentication, then you are gaining protection against network-based MITM attacks. With the prevalence of public wifi and the many DNS attacks out there, this is a good trade-off IMO. (mutual authentication: http://www.wikidsystems.com/learn-more/technology/mutual_authentication and http://en.wikipedia.org/wiki/Mutual_authentication).

Also, I assume that there is no cost for "lost" tokens if you give tokens to consultants or your employees loose them frequently. IE, it is seat-based and not per token.

HTH,

Nick
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Physical Security and Social Engineering All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register