Multi-factor Authentication Technology
Date:
May 26, 2009 - 11:00am - 11:50am
Location:
TBA
Presenter/Moderator:
Ian Thomas
Presenter/Moderator:
Mike Wiseman Information technology and services groups are increasingly tackling issues around the topic of Identity Management such as user provisioning, roles management and privileged rights management. One of those issues is the selection of authentication technology. The ubiquitous username/password is the most commonly used technology today but, according to current standards and best practices, it is not always the right choice to protect higher value/risk resources. For these, so-called multi-factor authentication (MFA) technologies such as one-time-password, cryptographic smartcards and biometrics are being deployed. This presentation will provide: an overview of current best practice in this area, multi-factor authentication technology experience at the University, and recommendations for those contemplating its deployment.
- Login to post comments
- 313 reads
Comments
Great Presentation
This was a great presentation - it really shows just how easy it would be to properly integrate multi-factor authentication into many environments at U of T. Passwords and secrets are really an outdated method of authentication and in the presence of relatively inexpensive, easy-to-use alternatives there really isn't any reason that the University shouldn't move forward into modern strong methods.
To PKI or not to PKI
From my experience, the trickiest part is getting one's head around the basics of PKI (public keys and private keys) from an end-user standpoint. The beauty of these USB/SmartCard tokens is that they sufficiently hide that from end-users.
Another aspect that I very much like is that the technology is based on open, well-published standards. That means that there will always be a choice of which vendor we go with, so if one vendor decides to become unreasonable, there will be ten others to take their place with a pen and contract in hand...