Risk: Informational
Microsoft and RSA Security have started beta testing a product designed to phase out the use of traditional passwords and replace them with automatically generated passwords from a SecurID token.
Although not a new concept, SecurID is one of the most popular two-factor authentication systems and is already used by many large enterprises. The token is about the size of a matchbox and generates a new six-digit code every minute.
Users are given an easy-to-remember PIN number to type in alongside the code displayed on the token. With an integrated SecurID system within Windows, enterprises should find it easier and cheaper to ensure users do not use weak passwords or forget them.
Password-only security has been recognised for some time to be inadequate for truly protecting Windows.
The beta test programme is being rolled out to a small number of companies and is expected to last around a month. RSA Security expects the full commercial version to be available shortly after the trial ends.
Jason Lewis, vice president of product management at RSA Security, said the technology complements RSA's core business, which is to authenticate remote users.
The integration of SecurID and Windows was first announced at the RSA Security conference in San Francisco earlier this year. At the time, Microsoft's chairman Bill Gates said the development signalled the death of the traditional password.