Overview

Which is more dangerous: Employees taping passwords to their monitors or using names of their sons or daughters as passwords? Without a doubt, the latter is much more dangerous. A password taped to a monitor can only be seen by people in the office who just happen to pass by, but a password as simple as a common name could be cracked externally, using readily available tools, by someone halfway around the world in less than one minute.

Facts about breaking passwords

Using a Pentium 1.6GHz computer with 128MB RAM:
Keep in mind, if you were to add more computers to this password cracking system, the time would be decreased in a linear fashion.

A “hardened” password like Ke.c4U35%o should in theory be an acceptable solution, but the reality is that such passwords are just difficult to remember, especially when IS requires passwords to be changed every 90 days and the user has a number of different passwords. That’s the problem. If an IT department institutes a “hardened” password policy, the IT department has averted a costly intrusion by some hacker bent on destruction, but it will increase its support costs by having to reset passwords for employees who forget these “hardened” passwords. This is a classic IT occurrence: Solve one problem and create another.

The SafeNet Solution: Using iKey to logon

With an iKey, an IT department could establish passwords for users like the one described, or they could use digital identities to authenticate users. IT could then issue iKeys and allow employees to set their own PIN code and make it only 4 numbers, which is easier to remember. Prior to implementing the SafeNet iKey, a SafeNet customer determined that the average user required 3.5 to 4 password resets per year, costing between $10 and $37.50 for each reset. Making the PIN easier to remember resulted in a dramatic reduction of password-related calls to the help desk. In using the iKey, an organization is implementing a two-factor authentication policy that is a far more secure authentication process than just username and password.

How does it work?

Today, most users log into a desktop or a network by entering their username and password into different boxes on the login screen. With an iKey implementation, at the same login screen, users would insert their iKey into the computer’s USB port. Once the system recognizes the presence of the iKey, users would be prompted to enter their PIN number.
If the entered PIN number matches the PIN within the iKey, the appropriate digital credentials are passed to the network and normal access is granted. Much like the well-known and understood ATM card paradigm, there is a limit to the number of times you can try entering the PIN before it becomes obvious that the person entering the PIN is not the person who owns the iKey. At that point, the iKey will no longer function without an administrative intervention.
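As an added illustration (not SafeNet's code and not part of the original page), the Python model below shows the PIN check and retry limit described above: the credential is released only on a correct PIN, and once the retry limit is used up the token refuses every further attempt until an administrator unblocks it. The class and function names, the limit of three tries, and the sample PINs and credential are assumptions constructed for the example.

```python
import hmac
from fractions import Fraction


class TokenLocked(Exception):
    """Raised when the retry counter is exhausted."""


class ToyToken:
    """Toy model of a PIN-gated token holding one credential."""

    def __init__(self, pin, credential, max_tries=3):  # max_tries: assumed value
        self._pin = pin.encode()
        self._credential = credential
        self._max_tries = max_tries
        self._tries_left = max_tries

    def verify_pin(self, candidate):
        """Return the credential on a correct PIN, None on a wrong one."""
        if self._tries_left == 0:
            raise TokenLocked("token blocked; administrator must unblock it")
        # Spend the try before comparing, so an interrupted check still costs one.
        self._tries_left -= 1
        # Constant-time comparison avoids leaking how many digits matched.
        if hmac.compare_digest(candidate.encode(), self._pin):
            self._tries_left = self._max_tries  # success resets the counter
            return self._credential
        return None

    def admin_unblock(self, new_pin):
        """Administrative intervention: set a new PIN and restore the counter."""
        self._pin = new_pin.encode()
        self._tries_left = self._max_tries


def guess_success_bound(pin_digits, max_tries):
    """Chance that blind guessing hits a uniformly random PIN before lockout."""
    return Fraction(max_tries, 10 ** pin_digits)


if __name__ == "__main__":
    token = ToyToken("4821", "CONSTRUCTED-CREDENTIAL")  # constructed sample values
    for attempt in ("0000", "1111", "2222"):
        print(attempt, token.verify_pin(attempt))
    try:
        token.verify_pin("4821")  # the correct PIN is refused once blocked
    except TokenLocked as exc:
        print("locked:", exc)
    print("guessing bound for a 4-digit PIN:", guess_success_bound(4, 3))
```

The bound shows why a short PIN is tolerable here when a short password is not: the guesser gets three tries against the token, not unlimited offline attempts.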