at work we're having a discussion about 2 factor authentication. We're comparing the traditional RSA token with Symantec's VIP Access solution.
The upside with the RSA token seems to be that it has a token that is completely separate from your environment that displays the one time portion of your password. However, it requires that you manage the logistics of dealing with and tracking the physical tokens. The symantec VIP solution allows you to download a client for your phone, mac, or PC that displays the one-time portion of your password. My hesitation with the Symantec solution is that it's most convenient to download the client onto the computer you'll be using to access your environment. How much of a risk is this? Is this really two factor authentication at this point, realistically speaking.. or is the risk of someone screengrabbing your password too far out there? -Bryan
_______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
