Successful Alternatives To Password Authentication?
DonaldP asks: "Have any of you successfully deployed a key, token, or biometric-based access control for Windows machines to replace (or enhance) the typical login/logout authentication process (even image-recognition schemes would be considered)? I see different stuff out there but short of actually evaluating each one, it's hard to get a good idea of what the scene is like, what is crap and what actually delivers. Does anyone have experience with such systems, or can suggest other suitable solutions?"
"Some existing solutions (smartcards, etc) have their own quirks. Most notably, they trigger a login, or a logout event (plug it in to log in, remove to log out). Frankly, that just takes too long. Access granting needs to be quick and easy, because it will be frequent (and Fast User Switching doesn't work on machines that are part of a domain, according to Microsoft's docs). The machines I want to deploy on are domain-connected systems, basically serving kiosk roles in a warehouse. Usage is frequent, usage of a system is shared, and access needs to be quick and easy.
A 'Holy Grail' would be something like you see on the point-of-sale terminals in the food industry. Waitrons swipe or wave their card to access the (shared) terminal, quickly punch in or look up what they need, and they're out of there until next time.
The specific technology used (iris scanner, fingerprint scanner, smartcard, keycard, RFID, etc) isn't particularly important. I want to roll out something easier for the floor people to manage than the typical standard username/password authentication method, that provides:
- FAST locking/unlocking the screen (or fast login/logout action).
- Allows multiple 'keys' to be used for one system (many individual users, one computer).
- An event log (or equivalent) to identify which key unlocked/locked the system and when.
- The ability to disable individual keys in the event of loss, theft, etc.
The few products that I have found range from so-so to vapor-seeming. PSL would probably hit all the bases but it looks like vapor. The documentation link isn't there, the FAQ is blank, and the 'Reviews' and 'News' pages are empty. The RF-based one for WirelessDefender seems slick but it doesn't look like the hardware would accommodate multiple users for a single unit."
In addition to recommendations and suggestions, if you've tried biometric authentication and have horror stories of stuff that *didn't* work, feel free to share those too, if you would.
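The four requirements in the question (one-tap lock/unlock, many keys per terminal, an attributable event log, per-key revocation) as a small model of the terminal side, written here as an added example and not taken from the post or from any product it mentions; the key ids, user names and timestamps are constructed:

```python
from dataclasses import dataclass, field
from datetime import datetime
from typing import Dict, List, Optional, Set, Tuple

# Hypothetical model of a shared kiosk: many enrolled keys, one active session,
# a per-key revocation set, and a log that ties every lock/unlock to one key.

@dataclass
class Terminal:
    keys: Dict[str, str] = field(default_factory=dict)   # key_id -> user (constructed)
    revoked: Set[str] = field(default_factory=set)       # keys disabled after loss/theft
    unlocked_by: Optional[str] = None                    # key_id holding the session
    log: List[Tuple[str, str, str, str]] = field(default_factory=list)  # ts, key, user, event

    def enrol(self, key_id: str, user: str) -> None:
        self.keys[key_id] = user

    def _record(self, ts: datetime, key_id: str, event: str) -> None:
        self.log.append((ts.isoformat(), key_id, self.keys.get(key_id, "?"), event))

    def revoke(self, key_id: str, ts: datetime) -> None:
        """Disable a key; a lost key must not keep an already-open session alive."""
        self.revoked.add(key_id)
        if self.unlocked_by == key_id:
            self._record(ts, key_id, "lock")
            self.unlocked_by = None

    def tap(self, key_id: str, ts: datetime) -> str:
        """One tap toggles the session: unlock an idle terminal, lock your own session."""
        if key_id not in self.keys or key_id in self.revoked:
            self._record(ts, key_id, "denied")      # unknown or revoked keys are logged too
            return "denied"
        if self.unlocked_by is None:
            self.unlocked_by = key_id
            self._record(ts, key_id, "unlock")
            return "unlocked"
        if self.unlocked_by == key_id:
            self.unlocked_by = None
            self._record(ts, key_id, "lock")
            return "locked"
        # Another user's key on a live session: close the old session first so the
        # log never has two keys accountable for the same period.
        self._record(ts, self.unlocked_by, "lock")
        self.unlocked_by = key_id
        self._record(ts, key_id, "unlock")
        return "switched"

def demo() -> Tuple[List[str], List[Tuple[str, str, str, str]]]:
    t = Terminal()
    t.enrol("card-0001", "alice")
    t.enrol("card-0002", "bob")
    ts = datetime(2024, 1, 1, 8, 0)                     # constructed timestamp
    results = [t.tap("card-0001", ts), t.tap("card-0002", ts), t.tap("card-0002", ts)]
    t.revoke("card-0002", ts)
    results.append(t.tap("card-0002", ts))
    return results, t.log
```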
How can we do your job for you... (Score:3, Insightful)
I've used SECURID tokens and they work, but they're slower than regular login/logout methods.
Are you trying to lock access to the desktop or is the desktop being used as a dumb terminal to some random application?
If the latter then can you just lock down the desktop and modify the application?
I'm thinking that this is for something like a time card system, where people walk up, sign in/out and walk off. Given that you're saying speed is of the essence then it seems that that is likely. Have you considered a commercial offering? I am sure that most of the vendors have some sort of solution to uniquely identify particular individuals.
Magnetic stripe card containing a private key and a passphrase (pin?) known by the employee would work.
If you need to grant them full access to the windows PC then why are you worrying about security in the first place...:-)
Z.
Remove passwords (Score:5, Insightful)
After 6 months I can happily say, it worked, the move is vindicated and the frightened little control freaks had to eat their words and admit it is pure genius.:)
We removed all our passwords.
Obviously this doesn't suit everyone. We are a smallish organisation with less than 50. The idea that everybody could actually be trusted inside the organisation was central, as was the fact that most are not very computer minded and basically quite thick when it comes to remembering passwords. The point being that if anyone inside the organisation could *NOT* be trusted then we were screwed anyway, passwords or not. The move coincided with a massive revamp of network structure, a very restrictive new firewall and password free ACL, basically cutting the intranet off from the outside except for a few key workstations that need general WAN access, everything else is VPN. So now you can just walk up to any console, type your login name and get access. We can still log who does what, and casual visitors can't just get access unless they know a valid login name. Because there are no secrets from each other anybody can use anybody else's login if they wish. In 6 months I haven't seen anybody do that, because there is no need to. Sunlight is a great disinfectant.
Obviously this would not work in a paranoid organisation where everybody is at each other's throats, or it would radically change everything if you did try it.
Sometimes you have to take a step back to see the wood for the trees.
Re:The most secured system... (Score:2, Insightful)
My TRS-80 Model 100 is even MORE secure, as the EPROM or non-volatile memory would have to be hacked for rogue software to be running on it. Or something bad with BASIC.
And my SYM-1 is even better. With only a 6502 processor, and 4K of static RAM, an intruder would have to sneak in, enter his trojan on the hex keypad, and be certain you didn't cycle power before next using the system.
Why not ID badges? (Score:5, Insightful)
I suppose we would then only have to worry about our coworkers stealing our badges to do nefarious stuff as our own so perhaps we could combine it with thumb print scanner and maybe a pin number.
Still, I guess one could beat the password out of the poor worker, steal his badge, and then cut off his thumb... Or maybe kidnap his kid and blackmail him.
Seriously, unless you are working in a government agency, I don't see any more security you are going to get out of a badge through and a thumb print.
Biometrics are hazardous to security!!! (Score:3, Insightful)
How is this different from passwords, you say?
You can change your damned compromised passwords! Once your biometric info gets out there, you're compromised for LIFE.
My advice is to avoid all instances of biometric 'security'. Forever.
Restricted physical access (Score:2, Insightful)
I wouldn't do that in most offices though.
Re:Remove passwords (Score:3, Insightful)
Just because you trust everyone now doesn't mean that you shouldn't, for accountability reasons, maintain adequate activity logs, and if people use each other's accounts all the time then you will find it impossible to tie any action to an individual.
Re:Why not ID badges? (Score:4, Insightful)
Or you could say, "Hey Joe, I need your card, can I get it?"
I once maintained a mission-critical database system for a large physics experiment, which used barcode readers to determine who assembled what parts of the detector. On my first visit to the cleanroom where the actual assembly was taking place I found a piece of wood that had stickers with everyone's barcode printed on, so any old assembly worker could become the supervisor, for example. It turned out that the database had some deep issues that made it practically impossible for the workers to actually do the assembly without lying to it. And because it was all hand-rolled C++ spaghetti that was actually trying to get an adequate solution to an NP-hard problem under some severe constraints it wasn't practical to change it. Nor was it actually necessary, because the workers were really trying to do the right thing, they just couldn't.
But the experience made me very aware of how easy it is for co-operative workers to fake reality big-time without the system being at all aware of it, and most password/identity schemes are subject to this. Some kind of deep biometrics really does seem to be required, but unless they are very reliable, fast, easy to use and unobtrusive they won't be used. And some, as others have pointed out regarding optical fingerprint readers, are very easy to game.
Re:Biometrics are hazardous to security!!! (Score:3, Insightful)
However what if, instead of getting their hands on my hash, they get something that looks like my finger, at least to a sensor?
Well then I am fucked, and the argument about consequences is real. Can't change my finger. Well, I can up to 10 times, but an authentication scheme with only 10 possible hashes is obviously lousy.
overkill? (Score:3, Insightful)
Sounds like this guy needs a quick system for employees to check some info. It DOESN'T sound like the submitter is working in a nuclear plant, a bank vault, or any other highly secure facility.
Check http://www.snapfiles.com/get/naturallogin.html/ out. It's a shareware program ($30 to buy) that uses USB flash drives and inserting them into a USB port automatically logs them into the windows system. Sounds like it will work with the existing windows login scheme.
Retina scanning, RSA keys, and fingerprinting sound cool, but they're probably overkill, and overly expensive. They have their place; but I'm inferring that the submitter doesn't need to be THAT secure.
I worked at Lowe's (the home improvement warehouse) and we had to make shelf tags, check stock for customers, order products for customers, run registers, and clock in/clock out. We did it all with one system with an employee number and social security for password. It would have been easier and cooler if I didn't have to give out my SSN every time I checked stock on an item for a customer.
Re:Why even use biometric??? (Score:2, Insightful)
A point often missed (Score:3, Insightful)
Using biometrics might still require some action on your part (put the thumb on the reader, look into the reader, etc.) but the password is always the same. You may be unaware of what it is being used for -exactly-. This risk is non-existent with passwords, if you pick your passwords carefully. You have to consciously select the password you memorized for this particular application and if you do it well, the password won't unlock anything else.
I'm not saying passwords are the end-all of security, but they do have this aspect whereas most other solutions that are being considered because of their increased safety in terms of creating copies or simply 'cracking the code' don't.