Tuesday, June 14, 2011

SecurID compromised

RSA Security will be replacing the 40 million SecurID tokens currently in use as a result of a reported attack on RSA last March. The company recently sent a letter to customers acknowledging that SecurID failed to protect defense contractor Lockheed Martin and several other clients as a result of the attack.

SecurID tokens are used in two-factor authentication systems. Two-factor authentication has been considered by many to be the gold standard for secure IT access. The idea is that you must present two things: something you have (such as a token) and something you know (such as a password).

SecurID is the token, which presents a number to the user that changes every 30 seconds. The algorithm that matches the number to the token may be part of what was stolen from RSA's data systems. The thieves now have one of the two factors figured out, so if you have a weak password as the second factor, the thieves will be able to penetrate your secure system.
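The sketch below is an added example, not RSA's code: SecurID's own algorithm is not described in this post, so the open TOTP standard (RFC 6238) stands in for it, and the `Server` class, user name, seed and passwords are constructed for illustration. It shows why a server that checks a seed-derived code plus a password is left with only the password once the seed is no longer secret.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per code, the interval the post describes

def token_code(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (stand-in algorithm): HMAC-SHA1 over the time-step counter."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Server:
    """Constructed verifier: keeps a copy of each token's seed and a password hash."""

    def __init__(self):
        self.users = {}

    def enroll(self, user, seed, password, salt=b"constructed-salt"):
        self.users[user] = (seed, salt, hash_password(password, salt))

    def login(self, user, password, code, now):
        seed, salt, pw_hash = self.users[user]
        # Accept the current step and the previous one to tolerate clock drift.
        code_ok = any(hmac.compare_digest(code, token_code(seed, now - drift))
                      for drift in (0, STEP))
        pw_ok = hmac.compare_digest(pw_hash, hash_password(password, salt))
        return code_ok and pw_ok

if __name__ == "__main__":
    seed = b"12345678901234567890"  # constructed seed (the RFC 6238 test key)
    now = 1111111109                # constructed clock value
    server = Server()
    server.enroll("alice", seed, "Tr0ub4dor&3")
    # The code is a pure function of (seed, time): no physical token is involved.
    code = token_code(seed, now)
    print("code from a copy of the seed:", code)
    print("right password:", server.login("alice", "Tr0ub4dor&3", code, now))
    print("wrong password:", server.login("alice", "password1", code, now))
```

The token check passes for anyone holding the seed, so the outcome depends entirely on the password, which is why replacing the tokens (new seeds) restores the second factor.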

More details can be found here.
