Skip to main content

Living up to "Two-factor Authentication that doesn't suck"

At the SecurityTwits Meetup during DefCon, James Arlen aka @myrcurial introduced me to someone as being from "WiKID Systems - two-factor authentication that doesn't suck". This is high praise.  The first question was "What doesn't suck about WiKID?".  While it was enough for James that we not be $3letterCompetitor, that's not enough for me.  I've really been thinking about what it means to not suck.

I first responded by giving the key differentiating features: use of public key encryption instead of shared secrets; that each user can have more than one token without a reduction in security; that we can do mutual https authentication, etc.  However, it quickly occurred to me that being good at something is not necessarily the same as not-sucking.  So here are my thoughts on why WiKID does not suck:

 

First off, giving back. We've got an open source version. This is our way of giving back to the community and reducing the cost of two-factor authentication, drastically for certain users.  Our mission is to reduce the usage of static passwords.  Having an open-source version is part of that mission.

Openness is also key.  If you want to see how our code works, have a look.  I'm a bit disappointed that more people haven't looked, but some have and I really like that.  The ones that do give use great, great feedback (and not sucking requires feedback).  I know that students, teachers and researchers have used our software to learn and teach and that is awesome.

Responsiveness and flexibility are important non-sucking attributes as well.  We try to be as responsive as possible to customer and prospect requests.  When we haven't responded quickly it is usually because we are responding to something else we consider to be a higher priority.  We have rarely "dropped the ball".  We are not dogmatic either.  if you want to do something in a way that works for your organization, then we'll help make it happen.  If it's not the most secure way, but still a more secure way, that's progress in our book.

While not-sucking is a relative position and it helps to have sucky competitors, I just wanted everyone to know that we are actively trying to not suck.

 

 

Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom