Is a software based SecurID deployment less secure than using hardware tokens?
-
Recently, there's a trend towards using a software version of SecurID instead of deploying physical keychain devices that constantly displays a time-expiring temporary password. Isn't this less secure? I assume the end-user will install it on the same device that will actually log into the network (e.g., a laptop with VPN software). If malware is also on this device, it could easily do keyboard sniffing to get the constant part of the password, remotely start the SecurID application, and then get a screenshot of the time-expiring password. It could then log-in as the end-user.
-
Answer:
. It depends on what you will install the soft SecureIDs on and the risk you want to mitigate. If it is generated for a smartphone and then used to log in from a PC then it is as secure as the hardware version (except of the hardware version was always in a closet / safe / drawer and never traveled with the PC. The smartphone is likely to always be around). The scenario you mention (installed on the same PC where you log in from) makes it less secure against physical theft. Again - this may or may not be a problem depending on how the PC is handled. If the target is to make sure that someone, somewhere on Internet will not use a classical password (leaked, cracked, ...) by requesting an OTP then there is no much difference.
Wojtek Swiatek at Quora Visit the source
Related Q & A:
- How do I create a web based msn?Best solution by Yahoo! Answers
- How do you write a theme based essay?Best solution by Yahoo! Answers
- How do I make a home based server?Best solution by lifehacker.com
- What exactly does a software engineer/software programmer do?Best solution by Quora
- How to create a science-based monopoly?Best solution by forevergeek.com
Just Added Q & A:
- How many active mobile subscribers are there in China?Best solution by Quora
- How to find the right vacation?Best solution by bookit.com
- How To Make Your Own Primer?Best solution by thekrazycouponlady.com
- How do you get the domain & range?Best solution by ChaCha
- How do you open pop up blockers?Best solution by Yahoo! Answers
For every problem there is a solution! Proved by Solucija.
-
Got an issue and looking for advice?
-
Ask Solucija to search every corner of the Web for help.
-
Get workable solutions and helpful tips in a moment.
Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.