Networking

08:57 AM
Connect Directly
RSS
E-Mail
50%
50%

Qualys Adds Two-Factor Authentication To Service

Qualys is now providing two-factor authentication technology to its vulnerability management service customers for free. The software-as-a-service offering is Symantec's VeriSign Identity Protection (VIP) Authentication Service. Symantec completed its acquisition of VeriSign in August. The VIP Authentication Service is software that is installed on a device, such as a desktop or laptop computer or a smartphone. The user enters a username and password, after which the software generates a six-dig

Qualys is now providing two-factor authentication technology to its vulnerability management service customers for free. The software-as-a-service offering is Symantec's VeriSign Identity Protection (VIP) Authentication Service. Symantec completed its acquisition of VeriSign in August. The VIP Authentication Service is software that is installed on a device, such as a desktop or laptop computer or a smartphone. The user enters a username and password, after which the software generates a six-digit code for the user to enter to provide access.

The extra level of security is akin to the procedure someone follows to use an automated teller machine where they have to both insert their ATM card and enter their passcode. Either one is useless without the other, explained Corey Bodzin, director of product management for Qualys. "Most authentication in the IT realm today is single-factor; it's something you know, like your username and password. Two-factor authentication is when you add something you have," Bodzin said.

The six-digit code generated by the VIP application changes every 30 seconds so that even if someone manages to obtain the username, password and the code, the code number will have changed by the time they try to use it. The VIP Authentication Service creates a software token as opposed to a hardware token, such as a key fob a user would carry around that would generate the code number, Bodzin said. Hardware solutions such as that can be more expensive and difficult to set up compared to the software solution.

Two-factor authentication provides an added layer of protection for enterprises that find that their employees' password protection is weak because passwords are easy to guess, according to a recent report from the Imperva Application Defense Center, a research firm.

The report collected data from a number of studies and showed that 30 percent of computer users create passwords of six or fewer characters, half of users use the same or similar password for multiple Web sites and that nearly 50 percent use common consecutive characters such as 123456 or QWERTY.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Slideshows
Cartoon
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Twitter Feed