mailing list archives
RE: Strong Authentication For A Windows Logon
From: "Daniel Surdu" <daniels () graycon com>
Date: Tue, 12 Nov 2002 11:40:18 -0600
Yes, SecureID works that way.
You obviously need the ACE Secure ID server to be available to
authenticate the user, and you need to have the ACE Secure ID client
installed on the Laptop.
If all that is in place, if the user does not supply the correct
SecureID token, he/she cannot log on to the workstation.
I have tested the above set-up with ACE Secure ID server/client software
for Windows NT, but I am sure their newer versions that support Win2k
work the same way.
From: Alan Blackwell [mailto:blackwellalan () hotmail com]
Sent: November 11, 2002 8:10 AM
To: security-basics () securityfocus com
Subject: Strong Authentication For A Windows Logon
The engineers where I work need to use a laptop with special
it to help them maintain some plant machinery. This laptop
will be a Windows
2000 laptop that will log into the new Active Directory
enabled Domain that
is being setup. For various reasons we need very strong
control of who logs
onto this laptop and when.
The current idea is to use strong authentication on the
Windows logon that
the laptop user will use. The idea is to issue a SecurID token to an
appropriate senior engineer who needs to authorise any
changes to the plant
machinery. By using the token as part of the laptop's windows
logon we can
ensure that whichever engineer has the laptop out needs to
call the senior
engineer during the logon process. If they don't they can't
logon as they
won't have the passcode.
Can anyone answer the following:
Do SecurID tokens work with Windows logons in this way, if so
how do you set
If SecurID tokens don't work in this way are there any other strong
authentication solutions for Windows that anyone cares to
recommend? I would
prefer something similar to the above where a passcode from a
required if possible.
Thanks for your help.
Add photos to your e-mail with MSN 8. Get 2 months FREE*.