Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, February 16, 2006

Firms: Don’t expect federated IDs soon

Banks and analysts have seen the adoption of two-factor authentication driven by federal requirements and early adopters, but warn users that their pockets might be filled with dongles and smart cards because a universal access token is years away.

An E*TRADE Bank executive said that the company had more than $700 million in accounts protected by two-factor authentication and that customers that use a second factor have tripled the money in the accounts compared with a control group that only uses passwords.

Some security and e-commerce companies have touted a future where consumers can sign in once and use that federated authentication throughout the commercial Web.

In the past, Microsoft has tried to turn its Passport online identity system into the backend authentication system for e-commerce providers, but privacy experts worried that the move would give a single company too much power in managing consumer information.

Posted on 02/16