Multi Factor Authentication

RSA’s SecurID Quandry: Replace or Recall?

RSA acknowledged on Monday that a hack at Lockheed Martin was tied to the theft of information on its SecurID tokens. The company offered to replace the tokens for customers, but experts wonder whether RSA should go further and recall SecurID tokens from the market.

RSA Security, a division of EMC Corp. has admitted that it was the victim of a sophisticated attack that resulted in the theft of secrets related to its SecurID two-factor authentication product.

For years, leaders of the security industry have warned that
passwords have outlived their usefulness. Users pick easy-to-crack
passwords like the name of a dog or a favorite movie. They’re written
on post-it notes and left sticking to the monitor for all to see. Multi-factor
authentication — using more than one form of authentication to verify
the legitimacy of a transaction via smart cards, tokens or biometrics,
for example — is often held up as the alternative; an end to insanity. The reality is far less simple. Read the full article. [CSO]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.