This page contains a Flash digital edition of a book.
IDENTIKEY


DIGIPASS Authentication for Windows Logon


DIGIPASS Authentication for Windows Logon, an extension to IDENTIKEY Server 3.1., is a cost-effective solution for enterprises wanting to protect their Windows PCs connected to the corporate network against unauthorised access.


The traditional use of static passwords for logon is considered very unsafe. Not only for remote access over the Internet, but also for the local connection to the corporate network in the office. By replacing static passwords with VASCO’s strong authentication, companies can uplift their level of security.


DIGIPASS® Authentication for Windows Logon offers


companies of all size a cost-effective way of protecting their Windows PCs - connected to the corporate network - against unauthorised access. Even when laptops are not connected to the LAN, they remain secure, increasing the security of stored data in case they go missing or get stolen.


‘DIGIPASS Authentication for Windows Logon’ is an extension to IDENTIKEY®


Server 3.1. It allows users to logon


to their Windows desktop on the network via a DIGIPASS- generated one-time password (OTP).


HOW DOES IT WORK?


‘DIGIPASS Authentication for Windows Logon’ is installed as a small software module on the end-user’s Windows environment. It can be installed on desktop PCs and laptops that are connected to the corporate network. As soon as ‘DIGIPASS Authentication for Windows Logon’ is setup, it replaces the original login window by a version that will send the login credentials to IDENTIKEY Server for verification. When the authentication request is positively validated, the original static password is sent back to the desktop and used for domain login.


SECURE IN CONNECTED AND UNCONNECTED MODE


When laptops are used outside the corporate network, for instance on the road or at home, the log-on module will work in unconnected mode, allowing the same strong authentication functionality as in connected mode. This prevents unauthorised access even when these laptops are unsupervised or stolen.


If the computer works in unconnected mode, the login credentials are validated against a local database of one-time passwords. These OTPs are generated when the PC is working in connected mode, and they are securely encrypted and stored. With thousands of OTPs generated upfront, the user can work for several weeks in unconnected mode.


AUTOMATIC DETECTION OF AUTHENTICATION SERVER


Behind-the-scene mechanisms have been implemented to ensure that the correct IDENTIKEY Server is detected on the network when a user reconnects and that the static password in the IDENTIKEY database is always up-to-date. The communication between the desktop logon module and IDENTIKEY is done over a security certificate-based SSL connection.


The world’s leading software company specializing in Internet Security


Page 1  |  Page 2