February 01, 2004
Starting from $1,864,including ten Digipass GO1 or GO3, the VACMAN Middleware software license and a one-year maintenance subscription
- Ease of Use:
- Value for Money:
- Overall Rating:
Flexibility of implementation.
Not for the faint hearted.
A potentially comprehensive product using dynamic passwords.
The Digipass pack product from Vasco is perhaps less of a product in the accepted sense and more of a security philosophy – the philosophy in question being that of dynamic, one-time password creation using portable tokens.
The tokens supplied for review were the Digipass GO1 variety, a read-only token from which the user simply reads the one-time password when required (there are other types of tokens which allow for direct user input as part of the password-generation process).
These tokens are attractively finished and feature a pull-out section which, when activated, displays the six-digit password number that stays visible on the small LCD for about 15 seconds. The tokens come supplied with a holder to be worn "around the neck," making them easy to carry at all times. They are battery powered and should remain active for roughly five years.
From the user perspective, this is a straightforward methodology, undertaken via the robust, attractive and easily carried Digipass token. There is more to it than this though and Vasco has considered a number of approaches to implementation, supplying various flavors of the Vacman Radius middleware software.
Comprehensive implementation guidelines are provided for a number of gateway and server products and should help system administrators who want to quickly understand how to deploy such a product.
Indeed, the supplied CD is full of useful information, from white papers to original product leaflets.
Furthermore, Digipass products are supported by a wide range of technology suppliers and partners, ensuring a practical implementation in most cases, whatever your particular network architecture.
This is a serious product for those who are serious about security. For many, the question will be if they support the one-time dynamic password generation approach or whether they move towards tokens and/or biometrics. If the former is the case, then this is a product to investigate further.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- 185M incidents bypassed perimeter defenses - report
- OVH suffers massive 1.1Tbps DDoS attack
- IoT assault, connected devices increasingly used for DDoS attacks
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- BIND update fixes high-severity flaw affecting ICS, as CERT releases update to CSET tool
- ISACA programme aims to attract more women into technology professions
- End-of-support devices on networks weakening cyberdefenses, report
- Android.Lockerscreen using pseudorandom passcodes to ensure payouts
- FBI investigating hacked mobile phones of Democratic officials