The Microsoft booth at the RSA Conference 2004
RSA Security Inc. joined Microsoft to deliver stronger security for Microsoft environments by replacing static passwords with strong, two-factor authentication. The new RSA SecurID for Microsoft Windows solution is designed to help Microsoft enterprise customers ensure that valuable desktop and network resources are accessible only by authorized users, while simultaneously delivering a simplified and consistent user login experience.
The RSA SecurID for Microsoft Windows solution is designed to provide a simple user login experience. By combining something the user knows (i.e., a secret PIN) with something the user possesses (i.e., a unique RSA SecurID token that generates a random, one-time password every 60 seconds), Microsoft Windows enterprise customers will have an effective, easy way to secure user access to sensitive company information. This solution is designed to provide significantly greater security than static passwords – without requiring any additional hardware on the desktop.
Today’s user is generally required to remember different passwords, which vary depending on how and from where the user is logging on to the enterprise network. For example, a user’s password for accessing the local network may differ from his password for gaining remote access over a connectivity device such as a VPN. Exacerbating the problem is the need to change these passwords frequently based on corporate IT security policies. These multiple login procedures can result in user frustration as well as escalating help-desk administration costs.
With the RSA SecurID for Microsoft Windows solution, the user will be prompted for his/her PIN and one-time password upon login, rather than a static password. This information is then directed to the RSA ACE/Server software, which ensures that the user has presented the proper credentials for gaining access. This strong authentication process is engineered to remain consistent – even when the user is disconnected from the network – delivering a common user login experience irrespective of how or from where the user is requesting access.
RSA Security anticipates that it will begin limited beta testing in the second quarter of 2004 and it expects that the product will be commercially available in the third quarter of 2004.