[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SecurID



I've been using SecureID for the better part of a year now and am
quite pleased with the way it works.  Here are the negatives,
though they are not very interesting:

-- There is a false rejection rate of around 2-5% (failure to login
   with my presumably valid SecureID card). This includes modem
   bobbles and database crashes. It generally is self-correcting.
-- Dialup access only. This would prevent me to access my mail server
   (which is inside the firewall) from telnet.
-- Interactive access only; I can't program my home machine to dial
   in at 5:00 AM to read mail without intervention.
-- We have a mixture of direct and 800 number dialups -- this presumably
   protects against problems unique to a single server.

In my case, SecureID is integrated into ARA (Apple Remote Access).
Client installation was trivial. I don't know what, if any, link-encryption
is incorporated.

The user overhead is about 30 seconds per dialup.

Martin Minow
[email protected]


>someone at my firm is about to press the securid system down our collective
>throats. please point me to the recent thread on this subject, and/or point
>me to some url's or the like, or to someone who has some firsthand knowledge
>of the pitfalls and/or vulnerbilities of secirid.
>
>cheers,
>	-paul
>