RSA SecurID: A PrimerTokens Traditionally Used to Achieve MultiFactor Authentication
RSA SecurID is a multifactor authentication solution based on standard industry requirements for "something you know," such as a password or PIN, "something you have," like a token, and/or "something you are," like biometrics. SecurID is widely used and regarded as the pioneer product of hardware and software token authentication.
Since RSA SecurID's introduction into market, other token solutions have emerged, mimicking the standard set by RSA, says Josh Corman, research director of enterprise security at analyst firm The 451 Group.
More mature risk management programs and industries have long adopted the use of hardware tokens, Corman says. Government agencies, pharmaceutical companies, financial services and healthcare organizations are just a few examples. "Tons of people use them," he says. "Anyone who is considered to have a higher risk of exposure uses tokens."
SecurID tokens are available for software and hardware, and are most often used as second-factor authentication for securing VPNs and WLANs, e-mail, intranets and extranets, desktops and Web servers.
On the software side, SecurID provides two-factor authentication for personal devices, with support for up to 10 software tokens on one device. On the hardware side, SecurID provides two-factor authentication based on patented time-synchronization technology, which generates a one-time authentication code that changes every 60 seconds.
According to RSA, "RSA SecurID is the authentication choice of over 25,000 customers worldwide."