Tuesday, September 21, 2004

AOL offers two-factor authentication

I wasn't originally going to post about this, but then I came to realize how incredibly significant this is. AOL, ISP to the digital huddled masses, has decided that passwords will no longer cut it, and is moving to RSA's SecurID tokens.

Everyone knows it's the right thing to do. Password technology hasn't changed much in the last few decades, and with increasing amounts of CPU power, RAM and disk space, the future is looking grim for single-factor authentication.

Most organizations have been holding off two-factor authentication, though, due to both the extra cost and the perceived deployment difficulty. If giant AOL can work it out, this could clear the way for a lot of smaller-scale deployments.

I can't wait to read a case study on this.

No comments: