Two Factor Authentication with USB Tokens

In this article, we’ll see what is two factor authentication and how USB tokens enable two factor authentication. We’ll also look at the advantages, and innovations that some vendors have created with the USB tokens to achieve two factor authentication and more.

What is Two Factor Authentication?

When you use user-name and password to access your system resources or network resources, it may not be very secure because the user-names and passwords can be stolen or guessed. That is the reason for implementing two factor authentication, where you need to authenticate with any of the two methods from below. Similarly multi-factor authentication uses more than two methods to authenticate users.

Something you know (password, PIN number, etc)

Something you have (USB tokens, Smart Cards, OTP Devices, etc)

Something you are (Biometric identification – finger print, iris, voice recognition, etc)

One example scenario of two factor authentication is when you use user-name/ password or PIN number (and) USB tokens to connect to a VPN network back to your office from a remote location. Without either of those, you would be refused remote network connectivity.

USB Tokens for Two Factor Authentication:

USB Tokens are small pen-drive like devices which can plug in to a computer through the USB ports. They are quite portable and can be attached even to a key-chain (and) they are also quite secure as people with a user-name/ password still cannot impersonate and access employees resources  if they don’t have this physical device, where two factor authentication is enabled. Since they can be plugged in to any computer with a USB drive, special readers are not required (Unlike the case with Smart Cards). Even the technical know-how for installing and using them is quite simple, and can be done by users themselves. Some of the USB tokens even have finger print readers to provide additional security via biometric authentication.

USB Tokens use Digital Certificates for authentication (mostly) in addition to user-name and passwords/ PIN. USB tokens are popular for secure network login & remote access login (through VPN networks). They can also be used to encrypt the contents of laptop hard-disks, with  some vendors. Some USB tokens have LCD screens for generating One Time Passwords (OTP) which are temporary passwords that can be used for getting remote application access. These USB tokens either works with pre-installed software in the computer (or) even without any pre-installed software in cases like authentication to web-applications.

Some vendors have taken the USB tokens beyond just Two Factor Authentication by allowing users to store their data/ applications on the memory available inside, which helps the USB tokens double up as USB pen-drives as well. To ensure security, the contents (data) are encrypted. So, employees can take such USB tokens anywhere they go and put it in a private/ public computer to access their data/ applications, after proper authentication. A virtual workspace is assigned to them in such cases (which keeps their session separate from the public computer) and all their contents are erased from the public computer when they remove the USB token. They can also connect to the office network through Internet & VPN, from public computers/ hot-spots securely using these USB tokens as all the communications are encrypted over the VPN network. That’s one way of accessing work related information and applications securely, where ever you go without having to carry a whole laptop!

excITingIP.com

You could stay up to date on the various computer networking/ related IT Technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’.

2 thoughts on “Two Factor Authentication with USB Tokens

  1. Lori Sloane

    I am intereseted in a quote for token authentication on 20 laptop computers.

    Kindest regards,
    lori

    1. admin

      Hi,
      This website is just for informational purposes and you might want to contact the manufacturers / dealers in your area for quotations.

Comments are closed.