With the development of science and technology, the traditional user name password login method has faced major challenges, system security level upgrade and high security market demand, the emergence of two-factor authentication system;
Two-factor authentication is a system using time synchronization technology, which takes the time, event and key three variables to replace the traditional static password. Each dynamic password card has a unique key, the key is stored in the server side, each time the authentication dynamic password card and the server according to the same key, the same random parameters (time, event) and the same algorithm to calculate the authentication dynamic password, so as to ensure the consistency of the password, so as to achieve the user authentication. Because the random parameters of each authentication are different, the dynamic password generated each time is different. Because the randomness of the parameters in each calculation guarantees the unpredictability of each password, the security of the system is ensured in the most basic password authentication. Resolve the major losses caused by password fraud, prevent malicious intruders or vandalism, and resolve the intrusion caused by password leaks.
So what are the current two-factor certification vendors? What's the choice?
At present the world to do the earliest is RSA, but also the most comprehensive, professional ability of the strongest enterprises, but unfortunately the business license is not China, and its price is high outrageous, the recent National information security field, are mandatory use of domestic, is undoubtedly to the olive branch to domestic enterprises.
On the domestic two-factor certification manufacturers, East Union, Pennington, Xi Chen is a relatively early batch of companies, market share to do is also very large, the most common is our side of the network silver Dynamic token, large-scale, user-wide, is to resolve the user login password leakage caused by information and data loss problems. But in the enterprise itself, there has always been a security risk, such as VPN, OWA, Vmware, Citrix, Linux Server, Windows Server, Route, SWitch, Web Administrator, etc., these passwords once leaked, it is not a simple small problem, Serious will endanger the survival of the enterprise, so solve the weak password problem is the cornerstone of enterprise development.
According to friends in the circle, they adopted a set of Ckey das Two-Factor dynamic authentication system, the ultimate realization of login user name and password, but also need to enter a dynamic password, the carrier of the dynamic password for software apps, hardware tokens or text messages, and can be used in combination, each has pros and cons, the dynamic password constantly changing, A total of 10 of the 6 species may, and there are attempts to login limit, very effective to solve their internal information security management issues, their application scenario for OpenVPN and Citrix Desktop virtualization, combined with Ckey das to solve the problem of weak password, currently running everything is normal.
Rumor Ckey Das's ambition is to be with RSA showdown, in the current SMS authentication, app authentication, hardware token authentication on the basis of later will increase fingerprint authentication, iris authentication and other biometric identification, so that enterprises quickly into the future as a member of the It Circle, Can see domestic enterprises continue to catch up with foreign enterprises is very excited, Ckey Das and RSA between the competition I personally very much look forward to.
This article is from the "11758825" blog, please be sure to keep this source http://11768825.blog.51cto.com/11758825/1881483
How to solve the enterprise weak password problem?