RSA Security is renewing its focus on improving the security of user passwords. The company on Monday announced RSA Sign-On Manager, a rebranded version of its SecurID Passage product that the company claims will make it easier for enterprises to manage user passwords.
The relaunched product will be available in the third quarter of this year and will be able to manage user log-ins for around 90 different enterprise applications using single sign-on technology licensed from Passlogix. A new RSA technology called IntelliAccess will allow users to recover forgotten user names and passwords, saving expensive help desk calls, RSA said.
Single sign-on technology allows organizations to simplify management of user access credentials. The products store credentials for multiple applications, then interact with those applications on behalf of users during log-in, allowing users to keep just one user name and password combination, rather than maintain a separate set of credentials for each network or Web application they need to access.
The new RSA product will work with any x.509-standard digital certificate authority, as well as a wide range of RSA's two-factor authentication technologies, including RSA SecurID authenticators, RSA Smart Cards or USB (Universal Serial Bus) authenticators, as well as biometric identifiers, digital certificates and standard passwords.
Passlogix's V-GO SSO technology provides the single sign-on functionality. The U.S. Postal Service said in May that it will use V-GO in a massive single sign-on deployment to 155,000 end users and more than 7,000 applications and Web sites. The Sign-On Manager joins that technology to strong authentication products, for organizations that want to simplify their users' online experience, but still maintain strict security around user access, said Phil Fulchino, director of product management at RSA.
The idea is to ease the transition from basic user name and password schemes to more secure multifactor authentication. Customers can simply use the Sign-On Manager's management interface to add on two-factor authentication for different departments or groups of users within their organization, or even for a single user.
The software-only product uses a Microsoft Windows XP and Windows 2000 client that authenticates the user at the desktop and manages access to network and Web applications. A separate Sign-On Manager server stores user credentials and authentication policies for the applications under management, periodically updating the Sign-On Manager clients. The server runs on Windows 2003 machines. A version for the Sun Microsystems Solaris environment is also due soon.
The Sign-On Manager's IntelliAccess feature allows users to retrieve forgotten sign-on credentials, even when disconnected from the Sign-On Manager server, by providing unique, identifying information at the desktop, which is checked against credential information stored securely on the client.
Management features also make it easier to maintain strong security for network- and Web-based applications by allowing administrators to schedule automatic password updates for their applications. Those passwords and updates are managed by Sign-On Manager and are transparent to end users, Fulchino said.
The announcement is just the latest from RSA concerning password management and single sign-on, which is an often cited source of irritation and expense for companies.
In February, RSA and Microsoft introduced RSA SecurID for Microsoft Windows. Scheduled for release in September, SecurID for Microsoft Windows allows two-factor authentication to Windows environments using a small token that generates a random six-digit number every 60 seconds. The number is used along with a PIN (personal identification number) to log on to Windows.
The initial Sign-On manager will not support SecurID for Windows, but a future version will, RSA said.
RSA hopes the new product will appeal to companies that want to simplify the online experience for their users and save money on user support. Calls to retrieve lost or forgotten passwords are among the most common at help desks and can cost between US$50 and US$75 each to handle, RSA said.
The Sign-On Manager is being beta-tested now and is scheduled for release in September and will cost around US$89 for a single user license.