GS Logo
The Green Sheet, Inc

Please Log in

A Thing

Article published in Issue
Number 060101

Links Related
to this Story:


Crypto-login: A Unique Way to Log In

By Ben Goretsky

Ever since I can remember we have used the same method for logging in to computers, Web sites and systems: a username and password associated to an account. This method has evolved to include using a password other than a dictionary word, making sure that the password is a certain number of characters and adding a built-in timer that requires the password to be changed every 90 days.

Yet, if you think about it, the technology of logging in has not changed that much, and with increasing security standards, you'd think something better would be required now. There's good news, though, because times are changing.

Imagine a complex password that changes every time you log in to a network, to Web or terminal servers, or simply to your own PC, and all you need to remember is your token or username.

The technology to which I'm referring is actually available now; it's called crypto-login. With crypto-login, technology system users are assigned a device that they can attach to their keychain. This device gives the carrier a new password every time its owner turns it on. Therefore, the password is always unique and never, ever repeated.

How It Works

The technology has two parts. The first is software that resides on the main server through which the log in passes; this is usually a server or administrative machine through which all access must be validated. The software is what will actually validate the unique passwords, register the crypto-devices and register users to these devices. The main software is also where users can be deleted anytime in case a crypto-device is ever stolen or lost.

The second part is the crypto-device itself. It is associated to a user and registered in the main software based on a unique, complex serial number. The main software authenticates the unique passwords generated by the crypto-device, which the user enters when logging in.

Advantages

There are several advantages to using this type of technology for logging in to a system. One is that passwords are always unique and complex so hackers cannot guess them. Another is that passwords will not be lost or forgotten since they are always unique. Finally, passwords are always secure and encrypted.

If you ever wondered what's wrong with most password creation methods, a recent poll completed by RSA Security Inc. shows that 79% of people use the same password for multiple sites, 70% use significant dates or names in their password, and 60% use only four passwords for everything that requires authentication. In addition, 33% of employees share their passwords with other employees, and 67% would turn their company passwords over for $3 worth of coffee coupons. With a crypto-login password, even if shared, once used, it becomes revoked and useless.

This technology is available for all computer systems, networks and even PDAs. I predict that the day will soon come when all Web users will have crypto-login devices, and their passwords will be more secure than ever before.

Ben Goretsky is the Chief Executive Officer and head of IT Development at USA ePay. He has been working with his brother Alex since they started the company in 1998. E-mail him at ben@usaepay.com or call him at 866 872 3729, ext. 350.

Article published in issue number 060101

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Back Next Index © 2006, The Green Sheet, Inc.