RSA boosts security of single sign-on

RSA Security next month plans to extend its single sign-on software to support applications that are protected by two-factor authentication.

The company is releasing Version 4.5 of RSA Sign-on Manager, which uses Windows logon user names and passwords to access multiple applications. The new version integrates Sign-On Manager and RSA SecurID for Windows technology in a single client for Windows desktops.

That means users will have to enter only their SecurID passcode once when they log on to their Windows desktop. In the past, the passcode generated by the SecureID token had to be entered for every application that required two-factor authentication.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

RSA Security next month plans to extend its single sign-on software to support applications that are protected by two-factor authentication.

The company is releasing Version 4.5 of RSA Sign-on Manager, which uses Windows logon user names and passwords to access multiple applications. The new version integrates Sign-On Manager and RSA SecurID for Windows technology in a single client for Windows desktops.

That means users will have to enter only their SecurID passcode once when they log on to their Windows desktop. In the past, the passcode generated by the SecureID token had to be entered for every application that required two-factor authentication.

Andrew Braunberg, an analyst with Current Analysis, says strengthening Windows desktop logon with two-factor authentication makes single sign-on more secure. "With [single sign-on], you want that first authentication to be pretty solid."

Braunberg says support for two-factor authentication provides comfort for corporations that worry about single sign-on capabilities that let a single authentication provide universal access to resources.

RSA also uses two-factor authentication to protect the database of passwords stored on a client to support the single sign-on technology.

The integration lets corporations add to their single sign-on deployments any application whose access controls require two-factor authentication using an RSA SecurID token.

Sign-On Manager also supports SecurID SID800 USB-enabled authenticator tokens, smart cards and SecurID software tokens.

In addition, RSA is adding a feature to Sign-On Manager called IntelliSense, which lets remote users who forgot their Secure ID tokens get temporary access to applications by answering questions.

RSA Sign-On Manager 4.5 is slated to ship in November. The software is priced at $50 per user for 1,000 to 2,500 users.

Read more about security in Network World's Security section.