In my last blog, I left off talking about the different forms of authentication and the abundance of solutions available to enable multi-factor authentication (based on the directive to increase security for user authentication into laptops).
As mentioned in Part 1, in order to support communication to smart cards at pre-boot, WinMagic was responsible to engineer the driver support into SecureDoc (for each device). Without these drivers, the cards simply won’t work in a pre-operating system environment. This was not an easy feat, but over the years our PKI engineers have been consistently providing support for the most used tokens:
Without a doubt, WinMagic has spent a substantial amount of time (and resources) developing support for various 2 and 3 factor authentication solutions. Our goals are always customer focused; furthermore, ensuring they can use the latest and greatest technologies in line with SecureDoc’s full disk encryption. I remember it always being a challenge determining which tokens should be considered first, and which could wait for next releases. The good news is: SecureDoc is developed based on PKCS#11 standards, which provides development benefits to support PKI tokens.
So, where are we now after 10 years? Have businesses moved away from traditional usernames and passwords and onto more secure 2 or 3 factor authentications? Well, I can comfortably say a number of large organizations (from all sectors) made the switch and require users to authenticate using smart cards. There’s no question this technology works and is being mandated around the world. Even smart card projects I worked on years ago are still going strong, and in several cases are starting to migrate to newer card technologies.
However, to say the direction clearly moved away from 1 factor authentication would be incorrect. The majority of companies still use single factor authentication (via Active Directory). This article isn’t about what is right or wrong, but whether or not smart card technology has been adapted. My opinion is the trend didn’t align with the actual direction over the decade. Of course I have many theories around my opinion, but will have to save them for another time.
To conclude, not all technologies can easily be adopted; even if they are great solutions! It will be interesting to see how technology changes over the next 10 years, and whether or not the traditional username and password will still hold strong as the most used authentication method into computers.
To access Part I of this article, click here