Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/2/2007
03:22 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Mobile Phones Generate Passwords

New app puts two-factor authentication on handset

New software from Secure Computing could soon let your mobile handset serve as a second factor of authentication for remote access to the enterprise network.

Secure Computing on July 9 will officially roll out SafeWord MobilePass, which generates one-time passcodes from a user's mobile phone, Dark Reading has learned.

"It's an alternative to the hardware token," says Stuart Rauch, director of product marketing for Secure Computing. "Since a lot of [enterprise] users have mobile phones with them now all the time, they can have this installed on the phone so they don't have to carry a hardware token."

Secure Computing has already begun quietly shipping the MobilePass application to some of its customers. The catch is that it's a tool for the company's SafeWord PremierAccess 4.0 authentication management software for remote access using Microsoft's Active Directory.

The user basically pulls up the app on a phone, pushes a button, and it generates a one-time password for logging onto the corporate network. MobilePass works on BlackBerry, Palm, Windows Mobile, and J2ME-enabled mobile devices, and Secure Computing plans to make the software available for Windows-based laptops and desktop machines as well.

Secure Computing's PremierAccess software starts at about $100 per user.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Secure Computing Corp. (Nasdaq: SCUR) Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Attackers Leave Stolen Credentials Searchable on Google
    Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
    How to Better Secure Your Microsoft 365 Environment
    Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win an Amazon Gift Card! Click Here
    Latest Comment: We need more votes, check the obituaries.
    Current Issue
    2020: The Year in Security
    Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
    Flash Poll
    Assessing Cybersecurity Risk in Today's Enterprises
    Assessing Cybersecurity Risk in Today's Enterprises
    COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2021-3272
    PUBLISHED: 2021-01-27
    jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
    CVE-2021-3317
    PUBLISHED: 2021-01-26
    KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
    CVE-2013-2512
    PUBLISHED: 2021-01-26
    The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.
    CVE-2021-3165
    PUBLISHED: 2021-01-26
    SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI.
    CVE-2021-1070
    PUBLISHED: 2021-01-26
    NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an un...