Latest in Authentication

Image credit:

RSA hacked, data exposed that could 'reduce the effectiveness' of SecurID tokens

Tim Stevens
March 18, 2011
Share
Tweet
Share

Sponsored Links

If you've ever wondered whether two-factor authentication systems actually boost security, things that spit out pseudorandom numbers you have to enter in addition to a password, the answer is yes, yes they do. But, their effectiveness is of course dependent on the security of the systems that actually generate those funny numbers, and as of this morning those are looking a little less reliable. RSA, the security division of EMC and producer of the SecurID systems used by countless corporations (and the Department of Defense), has been hacked. Yesterday it sent out messages to its clients and posted an open letter stating that it's been the victim of an "advanced" attack that "resulted in certain information being extracted from RSA's systems" -- information "specifically related to RSA's SecurID two-factor authentication products."

Yeah, yikes. The company assures that the system hasn't been totally compromised, but the information retrieved "could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack." RSA is recommending its customers beef up security in other ways, including a suggestion that RSA's customers "enforce strong password and pin policies." Of course, if security admins wanted to rely on those they wouldn't have made everyone carry around SecurID tokens in the first place.

[Thanks to everyone who sent this in]





All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
Tweet
Share

Popular on Engadget

NVIDIA apologizes for RTX 3090 pre-orders before they even begin

NVIDIA apologizes for RTX 3090 pre-orders before they even begin

View
Samsung's newest watches can now take ECG readings in the US

Samsung's newest watches can now take ECG readings in the US

View
Google's Nest Audio speaker revealed early by Walmart

Google's Nest Audio speaker revealed early by Walmart

View
Amazon Fire TV Stick Lite leaks ahead of tomorrow's hardware event

Amazon Fire TV Stick Lite leaks ahead of tomorrow's hardware event

View
'Among Us' developers cancel sequel plans, focus on their new/old smash hit

'Among Us' developers cancel sequel plans, focus on their new/old smash hit

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr