Two-Factor Authentication with RSA SecurID

Hi Everyone,

As of today, we’ve finished implementing two-factor authentication in Passwordstate V6, using RSA’s SecurID solution. Once we have a beta of Version 6 available, we’ll be asking for testers of this functionality, as we’ve only been able to test using RSA Authentication Manager 7.1 SP4 Patch 22 – the Authentication Agent library we’re using is meant to be compatible with Authentication Manager 6.x, 7.x and the upcoming 8.x – due for release later this month.

Configuring Passwordstate to use SecurID is a fairly simple process, and we’ve written up specific documentation to assist customers with the initial configuration. Once done, you will be able to choose anyone of the following options:

  • Secure access to Passwordstate using SecurID Authentication – this is for both installs of either Active Directory authentication, or forms based authentication
  • Secure access to Passwordstate using both AD and SecurID Authentication – obviously only for AD users
  • Secure access to Password Lists using SecurID Authentication

We’ve also added a new option called ‘If one of the SecurID Authentication options are selected, auto-populate the UserID field based on the current logged in user – domain suffix will be dropped if using Active Directory version of Passwordstate’. If your Passwordstate UserID’s are the same format as your SecurID User ID’s, then this makes it a little quicker to authenticate.

Now for some screenshots:

Secure access to Passwordstate using SecurID Authentication

SecurID Authentication

 

Secure access to Passwordstate using both AD and SecurID Authentication

SecurID and AD Authentication

 

Secure access to Password Lists using SecurID Authentication
SecurID Authentication for Password Lists

 

 

We hope you like this feature when version 6 is available.

PS5 Update – ScramblePad Authentication

Hi All,

In version 5 of Passwordstate, we will be introducing a  second-level authentication called ScramblePad Authentication (see screenshot). Some of the features relating to the ScramblePad Authentication are:ScramblePad Password Authentication

  • It can be enabled by Security Administrators for all users, or individual users can choose to use it for their own account – it’s an optional feature
  • A ScramblePad pin number will be assigned to your account, and you must type in the corresponding letters when you log in
  • The letters displayed are randomly generated every time, which is particularly good to mitigate against key loggers – as what you type in for your pin number will be unique every time

We also intend to introduce an option for forms based authentication in the next release. With forms based authentication there will be no reliance on Active Directory, and users will need to type in their username and password to authenticate.

We hope you like the new feature when its released, and we’d love to hear your feedback regarding it.

Regards
Mark