I have one, it’s true. Which does not mean that I claim any great security knowledge.
It started long ago in the PC remote access wars of the late 1990’s. Remember? IP-SEC VPN and Certificates versus SSL Gateway style solutions like Citrix and a token fob. I hated then (and still do) the complexity of VPN, and loved the portability of a token and the simple ability to switch devices for remote access.
I flirted briefly with the idea of token and two factor as a way of avoiding the rush towards making everyone’s network login credential (Active Directory) more complex, since complexity drives more password resets. An elegant idea, but only valuable if you can deploy a password wallet so that the end user does not even know their active directory password, and that model never took off in Canada. There are some large US firms who made it work
And in more recent years I have been a firm believer that the combination of desktop virtualization and centralization, getting data off devices and into the data centre, if coupled with two factor authentication, solves the vast majority of access security and data leakage scenarios that most enterprises struggle with. It is a simple and well understood solution, yet most firms perceive it as too intrusive for their employees.
Recently I have switched most of my key Internet Services (LinkedIn, Twitter, Yahoo, Microsoft, etc) to two factor authentication where they send me a code via SMS whenever I log in. Work’s great, and while not a panacea, adds just a bit more access control in a world that feels all too vulnerable.
Also recently became aware of a product called Nymi from a Toronto company called Bionym. It is truly cool (ok I admit it I am a geek). It is a wearable, a wrist band I guess, that uses your heart wave/ECG (way too scientific for me,smiley). Apparently our ECG patterns are all unique. When you add that unique pattern to the fact that the device is on your wrist, and you have to pair/register Nymi with your smartphone or PC you are trying to access. Essentially you get 3 factor authentication without yet adding a password. Wow! just by getting close to your device!
Now that by itself does not solve access to the web properties like Yahoo, unless Nymi and they agree on some sort of interface, but hopefully that happens. Either way, a very interesting take on authentication, and from Toronto based folk
Theconfusedpundit's Blog 