Review - RSA SecurID

SecurID for Windows fully integrates with Microsoft's Active Directory and enables domain-level access management along with new offline capabilities.

At backend, RSA ACE Sever is required. The client requires the RSA ACE/Agent installed. The SecurID generates one time pass code and user types in PIN and pass code to logon. The pass code is synchronized with the backend. The authentication protocol is Kerberos in Windows. Unlike the smart card, Microsoft Kerberos doesn’t have any extensions to support OTP logon. Therefore, RSA ACE replaces SecurID with the user’s password in the background for actual authentication.

Pros:

- Relative larger installation base in the world

- Support OWA

Cons:

- Can not combine logical access and physical access in the same badge

-  The underlying managed password authentication is the foundation thus the security strength is not as high as smart card

Overall Rating:

7 out of 10