Network Logon Solutions

Overview

Which is more dangerous - employees taping passwords to their monitors or using names of their sons or daughters as passwords? Without a doubt, the latter is much more dangerous. A password taped to a monitor can only be seen by people in the office who just happen to pass by, but a password as simple as a common name could be cracked externally, using readily available tools, in less than one minute by someone halfway around the world.

Facts About Breaking Passwords

Using a Pentium 1.6GHz computer with 128MB RAM:

• A simple password, 8 characters or less, made up of a word or common name, can be cracked in less than one minute.
• A password using uppercase and lowercase letters will take 20 minutes.
• A password containing uppercase and lowercase letters with numbers will take 24 hours.
• A "hardened" password that is not a word, but is made up of uppercase and lowercase letters with numbers and punctuation, and is 9 characters in length will take 150 days.

Keep in mind, if you were to add more computers to this password cracking system, the time would be decreased in a linear fashion.

A "hardened" password, like Ke.c4U35%o, in theory should be an acceptable solution, but the reality is that such passwords are just difficult to remember, especially when IT requires passwords to be changed every 90 days and the user has a number of different passwords. That's the problem.

If an IT department institutes a hardened password policy, the IT department has averted a costly intrusion by some hacker bent on destruction, but will increase its support costs by having to reset passwords from employees who forget these hardened passwords. This is a classic IT occurrence - solve one problem, but create another.

SafeNet Borderless Security Single Sign-On is the Solution

Borderless Security Single Sign-On is a complete software and smart token solution that delivers simplified and secure Single Sign-On (SSO) for a full range of enterprise applications and network resources. More than password management software, Borderless Security Single Sign-On provides a definitive answer for those enterprises that are struggling with password-based authentication environments. This includes the burden these environments place on users, the security implications for the organization, and the complicated implementation and management that IT administrators face working with today's password-based solutions. Borderless Security Single Sign-On enables fast implementation of stronger access control throughout the enterprise - taking the user out of the security loop so that organizations regain control of authentication. Password management software is just a part of what Borderless Security Single Sign-On provides. Two-factor authentication increases security and simplifies access for the user, without major infrastructure change or end-user training. For the administrator, Borderless Security Single Sign-On's password management software makes implementation easy and simplifies administration.

How Does It Work?

Today, most users log in to a desktop or a network by entering their username and password into different boxes on the login screen. With an Borderless Security Single Sign-On implementation, at the same login screen, users would insert their iKey into the computer's USB port, or their smart card into a smart card reader. Once the system recognizes the presence of the iKey or smart card, users would be prompted to enter their PIN. If the entered PIN matches the PIN within the iKey or smart card, the appropriate digital credentials are passed to the network and normal access is granted.

Much like the well known and understood ATM card paradigm, there is a limit to the number of times you can try entering the PIN before it becomes obvious that the person entering the PIN is not the person who owns the iKey or smart card. At that point, the iKey or smart card will no longer function without administrative intervention.